There are many advantages of VPN. From a security perspective, virtual private networks offer a higher level of protected communications unlike other remote methods of communication. This is because advanced technologies are used to protect the network from any unauthorized access. From a cost perspective, when it comes to operating a VPN within an organization the costs are lower than other types of configurations. This is because the lack of variables for different types of communications over the VPN and the opportunity to communicate securely at the low cost in other areas of the world. Essentially, VPN is a popular technology which offers more flexibility for business associates to communicate over a secure connection without sacrificing security.
Absolutely, I agree with you. Security is one of the biggest challengers in today’s interconnected world. Local security solutions such as antivirus, firewall, etc., are not sufficient to protect you unfortunately. A separate, external solution is needed to protect the communication from you to the outside world.That’s where VPN comes to play. VPNs secure the otherwise insecure connection between you and remote resources. VPNs should be used especially in public networks such as WiFis. In any case, as a general rule no network should be considered secure because the communication flow passes through numerous points (routers) and for an attacker is sufficient to compromise any one of these points in order to compromise the communication channel and its information flow.
Along with security VPN provides access to remote systems. This helps connect to systems even when you are not physically present serving the important component, availability.
In fact, VPN allows individual users to establish secure connections with a remote computer network. The users can access the secure resources on that network as if they were directly plugged in to the network’s servers. For example, salespersons of a large firm can access the firm network via VPN when they are in the field.
I agree, the security aspect of VPN is incredibly important. With more and more people working remotely, the risk of security breach increases. There are some people who, if their systems allow it, will do their work over a Starbucks connection, which of course is not secure at all and very, very risky so far as the risk of data loss goes. VPN helps mitigate these risks.
At the same time, it can be a way for the hackers or other criminal organizations to remain hidden? In fact, some people use VPN because they want to stay anonymous. VPNs present several advantages but they also open new securities issues, as we can’t monitor them.
To add to that as VPN hides the location details of the person accessing the network, it is easily used to access the sites which are banned by the government posing as a user from a different country.
A VPN can definitely open up new security issues. It’s a difficult balance between building secure architecture and applications and preventing its use for nefarious activities. But it’s not possible at the moment to maintain the integrity technology like VPNs while prevent these issues. From my personal experiece, I know people who use VPNs to download movies and music illegally. The VPN masks their identity and activity and enables this type of activity. On the other hand, I use a VPN when I’m on a public or unsecured wifi because of the same benefits.
Once a user established VPN connection to his/her company’s next work, the node he/she logged in becomes part of the company’s network….what controls a company should deploy to mitigate the risk caused by the activities you mentioned above, such as downloading movies and music illegally?
I believe preventive control should taking place to mitigate the risk such as downloading movies and music illegal. Preventive control such as set up authorization of websites that employees can visit. I remembered when I was back in high school, we use to have independence study class. I was trying to watch something on Youtube but I wasn’t allowed to because authorization is required.
Absolutely, preventative controls similar to “parental controls” should be used to block websites that are not approved by the company. I also believe “getting caught” can be a strong deterrent for future misuse. There could be a type of alerting/logging system set up that monitored what sites a user visited. If a site they visited is on a list of flagged sites (facebook, youtube, etc.) an automatic email could be sent to the user letting them know that they visited a restricted site. Just sending a notice to the user that their activity is being monitored could prevent them from doing it again.
Said, great point. VPN are used to both protect data, but also are commonly used for privacy issues as well. I know on the darkweb VPNs are constantly used to protect the privacy of the end user
* PC Anywhere – Involves buying the (somewhat expensive) PC Anywhere software & installing/configuring it on the office PC and on the remote. Once purchased, there are no operational costs other than the occasional upgrade.
* GoToMyPC, from Citrix – subscription based model, where you pay a monthly/annual fee to use their Internet service to connect to your office (or home) PC/Mac from any Internet connected PC via a browser.
* LogMeIn – Free; Create an account on the LogMeIn site, load a small application on any PC/Mac/Server you want to connect to.
* iPad apps – If you just need access to an office or home PC/Mac from an iPad, there are apps for that! Example: Splashtop
I’m sure cost is a factor. There are some very costly solutions that are available and I’m sure they work well, but why pay more than you need to if the end result is basically the same? Additionally Ian mentioned an app on the ipad. That requires a company to not only outfit their team with macs (very expensive), but it requires them to also provide iPads to employees (also very expensive). Also, I’m not an Apple person so I can’t speak specifically to the iPad, but tablets in general aren’t nearly as secure as computers are, and viruses for such devices are becoming more common.
You’re right. Security and cost-saving are two main advantages, so many individuals and organizations choose VPN. I read an article about how VPN to keep security, one interesting method is that it could hide or change your IP address to keep you under cover when browsing from your devices, so that you could surf online without worrying that spying eyes are following you.
That’s correct, the VPN users can improve the security by using the VPN provider’s IP address and other information instead his own location. Besides the security, VPN also allowed the internet users from limited area break the online limitation. For example, the Great Firewall of China (GFW) forbid users in mainland China to visit some oversea websites, but with the help of VPN, users can change their location in different IP address, and access the shielded websites.
In my experience cost/benefit analysis is always the first analysis done when trying to select a technology for a project. While it may not be hte only one, I do believe that in my experience it carries the most weight. That being said, it does not mean that the cheapest solution is or should normally be selected, however, if there are 2 very similar options, they will almost always choose the cheaper of the 2.
The VPN will allow remote connectivity in secure manner , the VPN is good business productivity tool for mobile workforce.
One of crucial tools to secure VPN is use of two factor authentication 2FA.
Student/worker can use provided VPN from their school or company to access resources on their network when they’re at home or traveling. Other advantages include share files, online anonymity, unblock websites and bypass filters, change IP address, better performance and reduce maintenance costs.
What is OSI model? What’s the main function of each OSI layer?
The Open Systems Interconnection (OSI) model is comprised of seven layers:
-Application: partners are identified and network capacity is assessed. This layer is not directly the app itself, more of a set of services the app should use. However, some app may perform app layer functions directly.
– Presentation: a part of an OS and converts incoming and outgoing data from one format to another
-Session: sets up, coordinates and terminates conversations sessions, usually by authentication and connection
-Transport: packages data in order to deliver while checking for errors
-Network: handles the addressing and routing of the data via IP addresses over the internet
-Data Link: links data across the physical network, which consist of 2 sublayers: Logical Link Control Layer and the Media Access Control Layer. However, Ethernet is the main data link layer in use.
-Physical: It provides the streaming of data; the hardware means of sending and receiving data on a carrier network.
The main focus of the OSI reference model is guide vendors and developers so the digital communication products and software programs interoperate. The main concept of OSI is that the process of communication between two endpoints in a telecommunication network can be divided into seven distinct groups of related functions.
you’re right Laly. In fact, the purpose of the OSI reference model is to make networks more manageable and to aid the problem of moving data between computers.
Yeah there are a few advantages of using the OSI reference model :
• It operates and works independently of the operating system
• It enables the inter networking between the organizations
• It has a client-server architecture
I agree of your summary of OSI mode. In nutshell, OSI is abstract model for operating systsme ocmmunication stack starting from physical media all the way up to operating system kernel. The structure describes the functions and interactions of various data communication protocols in systems.
Virtual Private Network (VPN) is a network created between you and what you access. VPN tunnels your location and encrypts your data. This acts as a cognition- no one else can see, control or influence your activity. As you can image there are many advantages of VPN.
– Hiding/ changing your IP address: Changing your IP will help you not only to unblock restricted websites, but also to hide your identity and protect your personal data from being stolen.
– Privacy: Because of encryption, VPN keeps all your Internet activity private, far from any unwanted eyes.
– Security: VPN creates a safe connection between you and the servers. This protection is really hard, almost impossible to break.
– Unblock geo-restricted sites: I know while studying abroad in Spain, I had no access to Netflix. VPN’s allow you to the possibility to access geographically blocked sites from anywhere in the world.
Laly – I accidentally posted this below as well. I meant to post it here. Great VPN advantages answer. I think a lot of your advantages depend on the planning that is needed in order to take the proper precautions that result in strong security.
Some disadvantages of a VPN is that VPN requires experienced employees that have knowledge with public networks security, password and data encryption, network address encryption,
VPN also has issues with availability and performance because VPN is difficult to control. VPN tends to have speed much slower than a traditional connection.
I will say that VPN is used when people attempt to secure their Internet connection to maintain anonymity while browsing. I know this post is about some disadvantages but I do believe that VPNs are mostly positive when secured correctly and when an individual would like to secure network accesses.
Ian I like the fact that your brought up some disadvantages of VPN.
Actually talking about security, if you want to remain anonymous online, a VPN can hide your real IP by using the VPN IP instead. However, the VPN IP is shared by an unknown number of persons, and its usage is public as long as the person subscribe a contract to the VPN provide. Therefore, by using a VPN, you open yourself to attacks such as IP spoofing.
On top of that, your IP address may be blacklisted due to the activity of another VPN user, which may result into limited or refused access into some websites.
So, VPN is very likely to reduce the trust that the destination service (bank, insurance account etc) has in you.
Not sure if you read my reply to Ian. It most definitely coincides with your point. Some VPN service providers are not worth your trust. Some diligently log your connection times, dates, IP addresses, keep track of how long you’re connected, and some even keep an eye on the types of traffic that you send through their networks while you’re logged in. They’ll tell you it’s in order to make sure you’re not doing anything illegal, or anything that would damage their network, but that level of snooping does kind of go against the whole purpose of a VPN, doesn’t it?
Great point. I didn’t think about it in that regard.
However. while studying abroad everyone was raving about VPN so they could stream Netflix and their shows back home. I was reluctant to use it because, I knew you had to go through 3rd party websites to hid your VPN.
Not sure, if you have heard of HOLA.org however, after a few of my friends download the google chrome extension they experienced viruses and hacking. They later found out that Hola was selling their computers networks to anyone who was willing to pay.
Great point Ian, VPN may slow down the speed. About having experienced employees having encryption knowledge holds true only to a person who is setting up the VPN. For a user, it is just another level of authentication they need to provide.
I have experienced that companies prefer the employees to directly connect to servers rather than saving work locally. Working locally has data retention, data clean up, intellectual property clauses. Hence setting up VPN benefits the company in having all data on their server and they can keep track of data transfer.
Ex. In case of multinational firms where employees are ;located in another country, VPN will help monitor if an important file has been sent to a personal email id of the employee.
Definitely Priya. VPN slows down the speed. It is still not a choice for the developers to do programming through VPN. Sending files and working on some data on local server is done well but for managing database and programming it is still not a choice unless and until there is an urgent need.
Also the speed related to VPN depends on the network provider the employee is using. VPN is suggested to be used when the office network is not available like if the user is working from home or onsite.
For users working remotely needs to be connected to VPN to update the patches or updates that are pending.
I also agree with you. The speed is definitely depending on the internet providers if you are using the internet-based VPN. VPN is heavily used for the purpose of working remotely while connected to the organizations/companies network. Speed can’t be matched up to the local/physical lines; however, many organizations/companies are enjoying using the internet-based internet. Why? because it is cost-effective, secured and more than ever efficient means to work remotely.
Ian, you brought up a good point about the speeds over VPN being much slower than traditional internet. I agree partly to that view as the technology by itself is not designed such that speed achieved over VPN is slower than the parent connection however the different vpn clients that you use generally have a significant difference in the speeds you encounter. My previous company was earlier using a common VPN software which did give significantly lower speeds than the parent connection however the company switched over to a different and new VPN client a couple of years back and there is absolutely no noticeable difference in the speeds between VPN and the parent connection.
I totally agree with you. I want to add an example about VPN unblocks geo-restricted sites. In China, we’re not allowed to access to any Google services, but with VPN, costs 3-5 dollar for individual users, you could connect to Google, Youtube or any other blocked websites.
What is OSI model? What’s the main function of each OSI layer?
Open Systems Interconnection (OS) is reference model for how applications can communicate over a network. It guides vendors and developers so the digital communication products and software programs they create will work together without special effort on the part of the customer. OSI also facilitate clear comparisons among communications tools.
It has 7 layers of communication provided by a combination of applications, operating systems, network card device drivers/ enabling a system to put a signal on a network cable or out over Wi-Fi.
The seven layers and their main function, in descendant order are as follow:
Application: responsible for network services to applications
Presentation: transform data formats to provide a standard interface for the Application layer
Session: establishes, manages and terminates connections between the local and remote application
Transport: provide reliable transport and flow control across a network
Network: responsible for logical addressing and domain routing
Data link: provides physical addressing and media access procedures
Physical: defines all the electrical and physical specification for devices
Interesting that you talked about domain routing in Network Layer. Since even the routers that we have at home, have a job of finding the best and the most reliable path for packets to travel. I am wondering if the routers are involved mainly on the Network layer.
Yes Abhay, routers operate mainly at the network layer. Routers handle incoming packets from various sources, determine their final destination, and then figure out where they need to be sent to get them where they are supposed to go.
Routers operate primarily at the Network Layer like you suggested. At home though it can get a little trickier in a sense. Most home routers are multi-layer switches. For example, if you have a router from Comcast Xfinity, it operates as your router (Layer 3) and as a switch (Layer 2) as well. It also will more than likely have a built-in firewall that you can manage through logging in as an admin to the switch interface.
A VPN is one solution for many organizations/businesses to establish a long-distance and secured network connections. Compared to other technologies, a VPN has several advantages which are cost saving and scalability. For the cost-saving perspective, a VPN can is beneficial in eliminating the need for expensive long-distance leased lines, reducing long-distance telephone charges, and offloading support costs. A VPN is no longer requiring organizations to rent network capacity such as T1 lines to fulfill their secure connectivity between their office locations. With a VPN, you can utilized existing public network infrastructure including the internet to make these connections. A VPN also can replace remote access servers and long-distance dial-up network connections commonly used in the past by business travelers needing to access to their company intranet. For example, with an Internet VPN, clients need only connect to the nearest service provider’s access point that is usually local. With VPNs, the cost of maintaining servers tends to be less than other approaches because organizations can outsource the needed support from professional third-party service providers. These providers enjoy a much lower cost structure through economy of scale by servicing many business clients.For the scalability perspective, Internet-based VPNs avoid this scalability problem by simply tapping into public lines and network capability readily available. Particularly for remote and international locations, an Internet VPN offers superior reach and quality of service.
Great post Daniel. I agree with you that the level of security an organization can achieve using VPN with a decent cost is great. However it must be ensured that the service provider for the Internet via which the network is connected must have minimal downtime and good connectivity. Otherwise the day to day business work will be impacted.
You are absolutely right. When using the internet-based VPN, the shortcoming you should expect is you no longer have an absolute control on the connectivity of the internet. That is, if the internet providers’ server is down, your VPN will be also disconnected because your VPN is highly depending on the providers’ systems.
A good point made here. VPN helps in reducing the cost for the organisation. The Accenture case which we read mentioned the same point. Accenture established a global delivery network giving its employees a facility to work remotely and hence reducing the IT cost per person by 69% which is a big number.
In this way VPN has definitely proved its need and cost justification.
VPN is an alternative to what can be very costly private leased lines from a service provider. The VPN technology allows us to leverage best-effort braodband connections while still securing the mission critical traffic and keeping that sensitive information out of others’ hands. While they can still see the data, the encryption makes it essentially useless.
VPN is a technology which creates a virtual private network to which end users are connected via an encrypted channel.
Its main advantages are as below:
Ensure security – even if the communication channel is compromised, you cannot be harmed or the harm will be minimal if you are connected to a VPN because the VPN connection is encrypted and cannot be decrypted and thus read.
Protect your privacy – with VPN whenever you visit web sites, listen to radio, chat, etc. you will be identified with the VPN provider, i.e. his IP address, location etc. Your own IP address and personal details will remain hidden.
Allow access to restricted resources- VPNs have multiple points of presence in different geographic regions. The fact that you are identified only with the VPN provider allows you to circumvent any geographical restrictions.
I strongly agree with you, VPN can protect your privacy. To protect your privacy you should use VPN again. Thus, with VPN whenever you visit web sites, listen to radio, chat, etc. you will be identified with the VPN provider, i.e. his IP address, location etc. Essentially, your own IP address and personal details will remain hidden.
Just to add to your privacy point Brou, VPN also first encrypts the data before sending it to the network thus reducing the chances of data breach to minimum. This helps in maintaining the confidentiality and integrity of data.
I agree with you about security and privacy, that’s two of main serious challenges in today’s world, and I just want to add something related what you said better internet connection.
It’s not unusual that sometimes your Internet routes may not be optimal or bandwidth is limited especially connect to international online resources. which could lead to poor web experience and slow browsing. In such cases you can connect to a local VPN point of presence which further routes your traffic. This will allow you to have a bandwidth to distant destinations similar to the bandwidth available between you and your local VPN server.
I strongly agree with you. Indeed, the VPN can significantly enhance the security for the internet users. By using the VPN, people who connect the internet will directly transfer their data to the VPN servers with the coded protection. This increase the difficulty to attackers who wants to steal the information from the users. Moreover, the VPN can also lower the cost to the company, so overall, the VPN improves the security with lower cost.
Q1: What is OSI model? What’s the main function of each OSI layer?
The OSI Model = the Open Systems Interconnection Model
7 Layers of the OSI Medel:
1. Physical (Layer 1) – OSI Model, Layer 1 conveys the bit stream – electrical impulse, light or radio signal – through the network at the electrical and mechanical level.
2. Data Link (Layer 2) – At Layer 2, data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization.
3. Network (Layer 3) – Layer 3 provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node.
4. Transport (Layer 4) – Layer 4 provides transparent transfer of data between and systems, or host, and is responsible for end-to-end error recovery and flow control.
5. Session (Layer 5) – This layer establishes, manages and terminates connections between applications.
6. Presentation (Layer 6) – This layer provides independence from differences in data representation by translating from application to network format, and vice versa.
7. Application (Layer 7) – Layer 7 supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified.
I agree with you. The layer has two types. One is host layers, which were including Application layer, Presentation layer, Session layer, and Transport layer. Another one is Media layers, which were including Network layer, Data link layer, and Physical layer.
Daniel, it must be noted that the OSI model is an abstract model that provides a framework that defines the functions of each layer. In other words the OSI standard defines the interfaces between the layers and as the data is passed from layer to layer, each layer adds its own information.
Great points! As you said, as the data goes from each layer to the next information is either added to or stripped from the data depending upon whether the data is being sent or received. Many layers add or strip a “header” to the data as it passes through, and those headers tell the system various pieces of important information like what part the data is in a series of data, is the data damaged, is the data a “jumbo frame,” etc. Trying to remember every flag that can be added/checked is a nightmare. Also, it helps to remember where in the OSI model data is referred to as a segment, a packet, and a frame.
In addition to transparency, Transport Layer also provides reliability by making sure that when data is broken into different packets, they are also received in the correct sequence to by the receiver.
Thank you for pointing it out! You are correct. The transport layer should oversee the process of data transfer in respect to transparency and reliability as you said. In this phase of OSI model, flow control is very important. You don’t want to see broken data or missing data in the end of receiving them.
According to TechTarget.com, the OSI model is: is “a reference model for how applications can communicate over a network. A reference model is a conceptual framework for understanding relationships. The purpose of the OSI reference model is to guide vendors and developers so the digital communication products and software programs they create will interoperate, and to facilitate clear comparisons among communications tools.”
The OSI Model has seven layers:
The physical layer focuses on the transmission and reception of the unstructured raw bit stream over a physical medium.
The data link layer allows the data frames to transfer from one node to another over the physical layer. The data link layer makes sure that layers above it has error-free transmission.
The network layer factors in network conditions, priority of service, and other factors to decide which physical path the data should take. The network layer overall is responsible for the operation of the subnet.
The transport layer makes sure that messages are delivered in sequence, with no losses, duplications, or errors.
The session layer allows session formation between processes running on separate stations.
The presentation layer formats the data to be presented to the application layer.
The application layer serves as the window for users and application processes to access network services.
Great post. May I add, for the Transport Layer, in addition to what you said, the layer also determines the packet sizes. These packet sizes are decided on the basis of different protocols. Some protocols require smaller packets than others and in that case Transport Layer will break the packets down.
Abhay, As far as I understand transport layer deals with segment and does not determine the size of packet. The packet headers and footers are added in Network layer. Transport layer deals with secure/unsecure transmission.
The advantages depend on what you use VPN for. Most businesses use VPN for: allowing remote workers (which saves the company money), branch offices, partners, and distributors. Today, some businesses use VPN to form a single secure private network by connecting different cloud providers.
Indeed Ian, the advantages of VPN depend on the use case.
Individuals use VPN to secure their Internet connection and stay anonymous while browsing and business can use it to access information remotely, from home or even the phone. This can eventually contribute to the increase in productivity within a company.
I like that you brought up VPN’s are used for branch locations, partners, and distributors. Implementing a VPN allows a business to essentially widen its network beyond where it is physically located, and doing so securely too. A VPN also leverages the use of the internet already in place to widen the business’s network without having to really absorb any new costs to expand the network.
Good point in talking about the secure private network between different cloud providers. Since the VPN service allows the users visit the internet through VPN servers with the IP address and location of the provider, which means they need to send the data to the VPN servers first, and I was thinking that this may impact the speed of uploading and downloading the files, and this might also impact the data transferring between different cloud providers.
you have a great analysis of disadvantage of VPN, I agree with you that the speed of uploading and downloading will be slower because it VPN is like another layer of internet. The data takes more time to pass through the extra layer of VPN.
Nice post Ian. I agree with the points you made but I do want to mention that from a security perspective, virtual private networks offer a higher level of protected communications unlike other remote methods of communication. This is because advanced technologies are used to protect the network from any unauthorized access.
Laly – Great advantages answer. I think a lot of your advantages depend on that proper planning that is needed in order to take the proper precautions that result in strong security.
Another disadvantage of a VPN is that VPN requires experienced employees that have knowledge with public networks security, password and data encryption, network address encryption,
VPN also has issues with availability and performance because VPN is difficult to control. VPN tends to have speed much slower than a traditional connection.
I will say that VPN is used when people attempt to secure their Internet connection to maintain anonymity while browsing. I know this post is about some disadvantages but I do believe taht VPNs are most positive when secured correctly and when an individual would like to secure network accesses.
A virtual private network (VPN), is a network that is constructed by using the Internet to connect to a private network, such as a company’s internal network.
The advantages are as follow:
– Enhance security as the data are encrypted
– Remote control as you can access your information everywhere
– Reduce costs
– Better performance as you can increase the bandwidth of your network
– Online anatomy as you can access both web applications and websites in complete anonymity
Of course, I agree with you. VPNs have also other benefits depending on the VPN service provider you are using. For example, some VPN service providers allow their users to share more easily and faster information between themselves, play games and perform any other activity as if they are within a local area network (LAN).
-Complex Design
-Need for employees with high level understanding of VPN which can be costly
-Reliability can become a factor (need to choose a provider who can guarantee minimal downtime – costly)
-If it happens to be necessary to create additional infrastructure the solutions can become incompatible and cause technical issues
-If you need to reconfigure and customize, working with the same vendor can sometimes increase the cost of deploying additional infrastructure.
-The use of mobile devices to initiate connectivity to the virtual private network can cause security issues especially if the connection is wireless
I am just playing devils advocate here. VPNs offer a viable solution for secure communications between distributed users. It is still definitely very important to hire the correct IT professionals that have a high level understanding of VPNs so that you can configure your VPN to ensure a secure solution for your business.
Ian, you have stated an important point regarding mobile devices connecting to VPN. Currently not all mobile OS have a VPN built-in client (only Android and ios provide built-in). Mobile devices do not have an open VPN protocol which is disappointing. Companies must provide a software application to launch VPN client via mobiles devices. If one uses Wifi to connect to VPN they expose the data to many insecurities.
To add to the disadvantages, If the company is not maintaining proper user provisioning along with the identity systems with VPN administration it can lead to unauthorized access.
One such example of insufficient VPN management and security that lead to a breach comes from an employee terminated by a utility company, Energy Future Holdings. The employee was able to use the VPN—even after his position was terminated—to access the corporate systems used for consumer demand forecasts. The terminated employee used the access to corrupt data, which caused $26,000 in lost business alone. Hence it is necesary to maintain the identity systems with VPN. I am not sure of does active directory have records of all active VPN users or not? If anyone have information on it do share.
Great example! I absolutely agree with you that there should be strong controls implemented to prevent terminated employees from accessing the organization VPN. Several days ago, I had a chance to talk to a Cyber Security professional. And he even mentioned that not many companies have proper procedures to deactivate terminated employees access to their systems. He even mentioned-from his experience- companies take an average of 6-8 days to cease terminated users access. When you think about it, it is a pretty long time to take an action. Your example is exactly a down to earth situation.
That’s pretty wild, I was under the assumption that most companies were able to remove any access employees had the day the employee leaves, but that is eye-opening.
Ian, rightly said that employees need to have right understanding about the VPN.
One member firm that I worked with used Global protect as VPN for first level of authentication and then needed to connect to remote access using EMUE code which was pretty complicated for most of the non tech savy users because EMUE was to be generated on their company approved PDA’s and if there were was any problem with the PDA they would have to wait till that PDA was repaired or another PDA was configured and had EMUE installed. Else they would have to call center for additional keys.
That is an interesting point that you brought up about using the EMUE code to connect to the network for remote access. I think in today’s environment with smart devices, those remote access applications are likely more easy to implement and are more “user friendly”. However, companies now have to worry about their devices security since they don’t want an employee’s second factor for 2 factor authentication to be compromised. With that being said, it is still the same today that if the remote access key is not generating, then one has to still contact the call center to get a temporary key.
Said, in addition to the advantages you found, I would like to add that VPNs are great for accessing blocked websites or for bypassing Internet filters. Also if you need an IP address from another country, then a VPN can provide you this.
I agree with you. I also think this advantage of the VPN can be also a disadvantage in a security point of view. In fact, obtaining IP address from other countries has positive and negative points. Some hackers use it remain hidden.
Employees can use VPN provided by the company to remotely access resources on their network when they are at home or traveling. They can use VPN to share files, online anonymity, unblock websites and bypass filters, change IP address, better performance and reduce maintenance costs.
What is OSI model? What’s the main function of each OSI layer?
The Open Systems Interconnection model (OSI model) is a conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology. Its goal is the interoperability of diverse communication systems with standard protocols. The model partitions a communication system into abstraction layers. The original version of the model defined seven layers.
Host layers:
Application: High-level APIs, including resource sharing, remote file access
Presentation: Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption
Session:Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes
Transport: Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing
Media layers:
Network: Structuring and managing a multi-node network, including addressing, routing and traffic control
Data link:Reliable transmission of data frames between two nodes connected by a physical layer
Physical: Transmission and reception of raw bit streams over a physical medium
Good job categorizing the layers further. And you are right about the reliability provided by the Data Link layer. I think it is important to have an extra layer of assurance that the data is transmitted correctly, in the right order and according to the protocol requirements. If there is an error in any of the other layers, Data Link layer fixes it and resends the packets.
The advantages of using a VPN is that content you access on the internet and anything sent to a website is encrypted and routed through vpn. When a connection is encrypted it stops people from monitoring your connection. So all data send to website can’t be read by anyone except the VPN provider. When a connection is not encrypted a attacker could preforming a mitm(Man in the middle attack) where the attacker can view all data that is not encrypted that you send to the website including usernames and passwords.
You mentioned that VPN’s are good at protecting against Man in the Middle Attacks. While I did know that “bad guys” can monitor an individual’s web traffic to potentially pick up any usernames and passwords, I didn’t know that “bad guys” could sit in-between a user and the internet. According to the video I linked below, man in the middle attacks not only have a view of web traffic but they can also provide prompts to gain information such as usernames and passwords. I can see how a VPN would eliminate such attacks through encryption, especially for businesses who utilize the internet for their work.
What is OSI model? What’s the main function of each OSI layer?
OSI (Open Systems Interconnection) is reference model for how applications can communicate over a network. It has seven layers.
1) Physical: allows the transmission and reception of the unstructured raw bit stream over a physical medium and describes the electrical/optical, mechanical, and functional interfaces to the physical medium, and carries the signals for all of the higher layers.
2) Data link: provides error-free transfer of data frames from one node to another over the physical layer, allowing layers above it to assume virtually error-free transmission over the link.
3) Network: controls the operation of the subnet and direct the path of the data according to network conditions.
4) Transport: responsible to deliver messages without errors and no losses.
5) Session: allows sessions establishment between processes running on different stations.
6) Presentation: acts like a translator as it formats the data to be presented to the application layer.
7) Application; supports application and end-user processes by identifying communication partners, determining resource availability, and synchronizing communication.
What is OSI model? What’s the main function of each OSI layer?
According to the text, the OSI model is a seven-layered model that describes “how to build applications, protocols, and equipment that move data from your application to the physical wire, across hundred or thousands of miles, to an application on the other side”. To put simply, this model standardizes how computers communicate with one another within a network and should be utilized in the development of a network. The description from the text of the 7 OSI layers are listed below:
Layer 1 – Physical: Defines the physical link, cabling, and binary transmission (aka high pulse/low pulse)
Layer 2 – Data Link: Links data packets from one location to another.
Layer 3 – Network: Routes packets between networks.
Layer 4 – Transport: Makes sure that data arrives to its destination without any errors.
Layer 5- Session: Deals with the setup and management of sessions between computer applications
Layer 6 – Presentation: Handles formatting, encryption, compression, and presentation of data to the application.
Layer 7 – Application: User interface for displaying data.
After doing a little bit of research online for the OSI model, its apparently rarely used completely and to its fullest potential. Network developers might adopt one or two portions of the OSI model, but not the whole thing.
I did some research to find out some advantages and disadvantages to the OSI model and below is what I found:
Advantages:
•Provides wide variety of choice.
•Does not depend on a specific computer system.
•interprets the product functionality at each-stage.
•Encrypts the data for security.
•Allows for the addition of multiple-network models.
Disadvantages:
•Many applications do not require/need the data integrity (which is typically provided by OSI-model).
•In order to quickly set up the OSI model, you will need an agreement between three-parties (users and the service provider).
•Overall, the OSI Model is Complex to configure and work with
•This model is not adapted at all to telecommunication applications on computer.
Thanks for the summary of the advantages and disadvantages of the OSI Model. Just looking at the model in our text, it seems the the entire model is very vague with alot of references to different protocols. For example, the application layer references the HTTP, File Transfer Protocol (FTP), Simple Main Transport Protocol (SMTP), or Telnet. Therefore, it would make sense that the OSI model is complex to configure and work with since one has to understand all the different protocols. With that being said, as Alex has stated below, the OSI model still serves as a framework due to it being general in nature.
Paul, although the protocols associated with the OSI model are rarely used any more, the model itself is actually quite general and still valid, and the each layer functions are still very important.
A Virtual Private Network, VPN for short, is a network commonly used to “travel” safely across the internet. This occurs by establishing a connection between two networks as if those networks were directly connected to one another and not traveling over the internet. This connection offers security and privacy since the traffic across the VPN is encrypted, the transmitted data is protected by some security protocols, and that the remote computer requires authentication before gaining access. For organizations, VPNs allow users to gain access to a company’s network even when they might be on a different, unsecured network. Due to the security characteristics of the VPN, users don’t have to worry about “bad guys” from collecting their web traffic and data. In today’s world, VPN’s are just as important as ever since most devices are mobile and businesses want their employees to access applications/data from anywhere they can. Especially as IT auditors who work remotely at a client’s site, VPNs are critical in making sure that confidential data on an audit is not accessed by anyone unauthorized.
Really good explanation of VPN and I especially like what you mentioned about how organizations can implement the feature of VPN to gain security control and access to different network. If an organization use VPN, they will have a lower cost other types of configurations. And you mentioned how IT auditors can be benefited by using VPN as well. IT auditors needs to ensure the confidentially of the data of their clients on an audit.
What is OSI model? What’s the main function of each OSI layer?
OSI models can be used not just to understand how computer networks work but also how two computers communicate with each other. OSI model explains from user experience to all the way down to the electrical signals travelling in wires, and it does this in form of different layers.
Application Layer: This is basically software application. User looking at different applications on the computer. For e.g.: Google Chrome, Firefox, Microsoft outlook. This is basically software applications and this layer is closest to the user experience.
Presentation Layer: This is a layer what the operating system works on. This layer converts the user text and numbers into machine language (for eg: ASCII). It also encrypts data to protect it.
Session Layer: A session is basically a conversation between two computers. This layer is responsible for starting and ending sessions. For e.g.: if you want to get some data from a website, this layer will create a session between your computer and the web server. During the session, it will try to maintain the communication and if the connection is broken, it will help reestablish it. Eventually, it will also end the session.
Transport Layer: Whenever a computer sends data, it sends it in packets. This layer ensures that the packets are delivered reliably and in a proper order. It also breaks down packets into smaller units as required by different protocols.
Network Layer: This layer determines best route for data. There are many different routes (options) for a data to travel from one end to the other. This layer determines the fastest and the most reliable route for the data to travel.
Data Link Layer: This layer is responsible for checking errors in the data or if something went wrong in the above mentioned layers. For e.g.: if there was an error in the data, this layer will resend the data to ensure reliable transmission of data.
Physical Layer: Cable, fiber optics, etc. any electric signals or transmission of data is a part of physical layer in the OSI model.
Security:
Local security applications like antiviruses and firewalls are not enough to protect. An external solution that provides a separate layer of protection is needed and this is where VPN comes in the picture. As a general rule, no network should be considered safe, especially the public networks (public Wi-Fi) as the flow of communication is passed through many routers/access points. VPN adds an extra layer of security as VPN connection is encrypted. If suppose, there is a Man-in-the-Middle attack, the attacker will only be able to see inexplicable data.
Restricted Access:
In certain countries, online broadcasters restrict access to clients in certain geographical areas. VPN allows its users to circumvent these geographical restrictions. For e.g.: in countries like China where access to certain websites are restricted, a VPN can be used to access anything online as long as you are connected to a VPN. In terms of securing data, an organization can use VPNs to only allow the VPN network to connect to private sensitive resources.
Privacy Protection:
As soon as we are connected online, we start leaving traces (digital footprints). VPN provides online anonymity by hiding IP addresses and personal details. For e.g.: People who are political activists are recommended to use VPN because of the frequent violation of their privacy.
Geographical restricted content can be frustrating to face sometimes. I recall the countless number of times where even watching some Youtube videos would be blocked because the content was not available in my geographical region.
You are right, some geographical regions are not allowed to access some oversea websites. One example is the Great Firewall of China (GFW), indeed, the GFW positively protects the internet users in mainland China from some sorts of online attacks from oversea unknown IP address, but it also blocked some widely used websites like the YouTube and Facebook.
Q2 What are the advantages of VPN?
A2
A virtual private network, as the name suggests, is a private network that extends across a public network or internet. It enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. VPNs can usually increase privacy and security. To prevent disclosure of private information, VPNs normally allow only authenticated remote access using tunneling protocols and encryption techniques.
The advantages of a VPN connection can be listed as :
• Confidentiality – Since the data transmitted over VPN is encrypted, it provides confidentiality such that even if the network traffic is sniffed at the packet level, an attacker would only see encrypted data
• Authentication : VPNs require authentication, thereby preventing unauthorized users from accessing the VPN
• Integrity : Message integrity to detect any instances of tampering with transmitted messages
I really liked how you explained the advantages of VPN through the CIA concept as well. However, do you mind explaining how message integrity detects instances of tampering?
Glad you brought that up, Yang Li. The protocols underlying VPN connections is IPsec or SSL. These protocols provide tamper detection. What this means is that you can’t alter the message without detection as SSL uses Message Authentication Codes. To understand more about how Message Authentication Codes work, you might want to take a look at- https://en.wikipedia.org/wiki/Message_authentication_code.
Nice post! On the other hand, VPN also brings security issues. People can use VPN download movies and musics illegally. and break the rule of locations that may limit access to some areas. It is true that VPN makes people communicate easier and work more efficiently, but those exited threats and risks and potential risks should not be ignored.
Q1. What is OSI model? What’s the main function of each OSI layer?
The OSI model describes how data moves from one system to another and helps us understand how to build applications, protocols, and equipment that move data. The seven layers of this model include:
1. Physical: Defines the physical link, cabling, and binary transmission. Modulation and flow control occur here.
2. Data Link: Links data on hosts from one location to another, typically on the LAN. Switches and bridges operate at this later, typically using MAC addresses.
3. Network: Routes packets between networks. Routers operate at this layer typically using IP addresses.
4. Transport: Deals with transport issues, such as getting to the destination in one piece, and error control.
5. Session: Deals with the setup and management of sessions between computer applications.
6. Presentation: Handles formatting, encryption, compression, and presentation for the data to the application.
7. Application: Represents the end user application, such as HTTP or FTP.
Some advantages of a Virtual Private Network include:
-Security: Data is encrypted and kept away from those who should not have access to it.
-Remote Control: Allows data to be accessed from wherever you are.
-Bypass Filters/Blocks: Can access blocked websites and bypass filters.
-File Sharing: Can be useful to groups that need to share files for a long period of time.
What is OSI model? What’s the main function of each OSI layer?
The OSI model is a benchmark standard created to get third party vendors to develop protocols that are matched to the seven “layers” of the model. The goal is to have many different equipment and software manufacturers develop and implement equipment that will interface with equipment developed by competitors. The model helped create an international networking standard. It is comprised of seven logical “layers” that communicate with each other.
Each layer of the model is designed to separate each section based upon what is happening to the data.
Layer 1 – Physical Layer – Is the layer at which hardware transmits and receives the data as some type of signal.
Layer 2 – Data Link – Is the layer that transmits the data across the physical layer. Associated with the MAC address.
Layer 3 – Network – Is the layer at which IP addressing is used.
Layer 4 – Transport – Is the layer that transmits data reliably and checks “ACK” of data receipt.
Layer 5 – Session – Is the layer that establishes and maintains connections known as sessions.
Layer 6 – Presentation – Is the layer that converts data into a format acceptable for the application layer. Encryption and decryption take place at this layer.
Layer 7 – Application – Is the layer at which an interface is created to communicate with the system. This is the layer where a user interacts with a system.
A VPN is a Virtual Private Network. A VPN allows users outside the physical network to access the network logically. This allows a business to efficiently extend the reach of the network and its resources. A VPN also allows a business to utilize the concept of “telecommuting” with employees. This can save costs for the business and allows workers to conduct their jobs from outside the physical location of the business and gives workers efficient mobility while also maintaining network security as much as feasibly possible. Implementing a VPN means a business should institute anti-virus and remote access policies at a minimum. The business may also want to set up a “quarantine zone” so whenever an employee logs into the VPN, and a system check determines the anti-virus software is not-up-to-date for example, users will be directed to the zone to preserve the integrity of the VPN and local network.
Hi, Said
Absolutely, there are cons of VPN:
1. Reduced Internet connection speed
2. Reduced Connection Reliability
-more points of possible failure= less reliable
3. May provide less bandwidth than a dedicated line solution
4. Different VPN manufactures may comply with different standards
OSI is an ISO developed networking model determines how data moves between networks. The data travels through the 7 layers of OSI model and is governed by a protocol of data is packaged and sent to the next layer.
Physical layer – Electronic Connection – This layer defines how raw data travels in forms of bits and bytes in form of electronic signals through a transmission media like a fiber optic or radio frequency. This is the lowest level of networking. IT uses physical devices like modems, network hubs, repeaters.
Protocols :Fiber optic or wireless mode
Data Link layer – Communication between nodes- This layer defines data that transfers from node to node. IT takes data from Layer 1, corrects in case of errors. It defines protocol that must be used in layer 1. This layer has two sub layers –
One, MAC – layer responsible for controlling how devices get access to a physical medium and permission to transfer data.
Two, Logical Link Layer – This layer is responsible for encapsulating data, checking errors and frame synchronization and identifying network protocols
Protocols:Ethernet, PPP, SLIP, FDDI
Network layer -Communication across networks- This layer defines data transfer in same network between different nodes. It transfers Logical address to physical address.The data packet in this layer consists of the message body, address of next node and routes message to nodes in the network to route them through the path to reach final destination node.
Protocols:IP, IPSec,ICMP,IGMP
Transport Layer – Data transfer between networks – This layer transfer data from one node to another between two networks. IT manages segmentation to handle large length of data and checks for errors and submits acknowledgement in case of success of transfer.
Protocols: TCP, UDP
Session Layer-Session Management – This layer manages connections between computers, between the local and remote applications.
Protocols: API’s , sockets
Presentation layer – Format conversion -This layer formats data and translates data from software application into network understandable format.This layer formats and encrypts data and inserts control information.
Protocols: SSL, IMAP, FTP
Application layer – Interface between applications- This layer first receives the data. IT is the link between local software applications and internet, identifying communication partners, determining resource availability, and synchronizing communication. It identifies the communication partners, quality of service , user authentication and privacy, constraints on data syntax.
Protocols: HTTP, SSH, DCH
Well explained, Priya. I liked that you have mentioned the associated protocols for each layer. I’d like to add that the ARP (Address Resolution Protocol) is also one of the protocols which is used to translate IPv4 or internet layer addresses (OSI layer 3) into link layer or Ethernet MAC addresses (OSI layer 2).
Great post, I like how you segmented out the different protocols from each layer. I was talking to someone in my company’s IT department, and a point he made was that the OSI model gives some framework to an IT worker who is trying to sort out an issue. For example, if users lose access to email, whoever is trying to fix the issue can work from the physical layer, check the cabling, and work up to spot the issue.
Virtual Private Network, or VPN, is a group of computers (or discrete networks) networked together over a public network—namely, the internet. The following are the advantages of VPN:
• Create private scope of computer communication
• Helps in remote connection to data centers
• Secure data transmission through encryption
• Helps in sharing files across the group for a period of time
• Access to web applications and websites in complete anonymity
• VPN provides change of IP address in case there is a need for an IP from location other than base.
• Provides better bandwidth and efficiency of the network
• Low maintenance cost
Great post, Deepali ! You’ve covered all the advantages of VPN very well. Could you tell how VPN provides better bandwidth and efficiency of the network or are you referring to the bandwidth or efficiency being better generally of an organization’s intranet as I was of the opinion that VPN won’t really enhance the bandwidth.
What is OSI model? What’s the main function of each OSI layer?
OSI (Open Systems Interconnection) is reference model for how applications can communicate over a network. It allows vendors and developers to manage interoperability of the digital communication products and software programs they create.
It has 7 layers:
Physical layer: This layer conveys the bit stream such as electrical impulse, light or radio signal through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier. Protocols: Fast Ethernet, RS232,and ATM
Data Link Layer: This layer helps in handling errors in the physical layer, flow control and frame synchronization. The data link layer is divided into two sub layers: The Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sub layer controls permission for a system to gain access to the data on the network. The LLC layer controls frame synchronization, flow control and error checking.
Network Layer: This layer provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. It is also responsible for error handling, congestion control and packet sequencing.
Transport Layer: This layer provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control.
Session Layer: This layer establishes, manages and terminates connections between applications. It deals with session and connection coordination.
Presentation Layer: This layer works to transform data into the form that the application layer can accept. It formats and encrypts data to be sent across a network, providing freedom from compatibility problems. It is also called the syntax layer.
Application Layer: This layer supports application and end-user processes. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist on this layer
What is OSI model? What’s the main function of each OSI layer?
The Open System Interconnection(OSI) reference model created by International Organization for Standardization(ISO) describes how a data is transmitted across the network. It defines how the network processes function, what the components are in the network and also how the data is transmitted.
This layered approach
1. Reduces complexity
2. Standardizes interfaces
3. Facilitates modular engineering
4. Ensures interoperable technology
5. Accelerates evolution
6. Simplifies teaching and learning
There are 7 layers in OSI model:
1. Application : This is the layer at which user communicates with the computer. This layer identifies and establishes the availability of the communicating devices and checks if enough resources are available to for the intended communication and establishes agreement on procedures for error recovery and control of data integrity. This layer provides network services to the application of the user like email, file transfer and terminal emulation. Provides user authentication.
2. Presentation: This layer ensures that the information send by the application layer of one system is readable by the application layer of the other system by providing the translation service. It formats, structures and provides encryption to the data. Example: jpeg, pict, mpeg, quicktime.
3. Session: This layer is responsible for establishing, managing and terminating the session between the communicating devices. This layer keeps different application data separate from the other application data. Examples of session layer protocols are: NFS(Network File System), SQL.
4. Transport: The transport layer segments the data from the system of sending host and reassembles the data into data stream on the system of the receiving host. It ensures data transport reliability through fault detection and recovery information flow control. Example: TCP/IP, UDP protocols
5. Network: This layer provides connectivity and path selection between 2 hosts on 2 different networks. It manages connectivity, provides logical addressing and path selection. When packets are received, destination IP address is checked. Examples of routing protocols are RIP, OSPF, EIGRP.
6. Data Link: This layer ensures that messages are delivered to proper devices. The message is formatted into data frames. It includes error detection to ensure reliable delivery of data. The Ethernet data link has two sublayers: Logical Link control(LLC) and Media Access Control (MAC protocols)
7. Physical: In physical layer data is sent and received in bits, It defines electrical, mechanical, procedural, and functional specifications for activating, maintaining and deactivating the physical link.
Source: Introduction to Cisco Networking Technologies Volume 1.
What are the advantages of VPN?
VPN (virtual private network) creates secure connection to another network over the internet. It keeps the connection private, encrypted and anonymous.
1. VPN provides internet anonymity for all the users connected to it by encrypting the data from the computers or other mobile devices before connecting to the internet. So the actual source is kept as a secret and sensitive information ie PII cannot be traced by hackers and government agencies.
2. It masks IP address thus reducing DDOS attack, hacking possibilities.
3. It hides the user’s geo location. Thus it can be used to create an impression that the user is browsing from a different location and also allowing to access geo- blocked websites.
4. Thus the VPN helps to bypass filters and access blocked websites.
5. Better streaming performance
6. Accessing local network resources remotely, especially if you are travelling and want to have access to office network or home network.
You’re right, and I want to add something about the advantages – its scalability. Virtual Private Networks are very flexible in terms of growing with the company and adding new users to the network. This type of infrastructure allows for scalability without having to add new components to accommodate the growth. This is also very helpful for reducing cost.
Advantages of VPN
1. The main purpose of VPN is to have a secure connection which can be connected remotely over a Internet Protocol Security.
2. VPN offers higher level of security as the VPN needs authorized access to connect to the network.
3. VPN is comparatively low cost than any other configuration to remote connect over secure link.
4. It is easy to add more nodes in the existing VPN network. IT does not cost anything or does not need additional components.
5. VPN communications are encrypted
6. VPN service can make it easy to share files for a group of people for long periods
7. Performance can be greatly increased in terms of bandwidth
Great post, I liked how you summarized the advantages of VPN very briefly. I would like to add that VPN allows internet users to access to unrestricted resources if the IP is blocked from somewhere.
VPN is a technology which creates a virtual private network to which end users are connected via an encrypted channel.. VPN has three main advantages for the internet users, higher security, privacy protection and access to restricted resources.
Security:
Compared to direct connection, VPN provides a external security to protect personal data . VPNs secure the otherwise insecure connection between you and remote resources. VPNs should be used especially in public networks such as WiFis. This is because the communication flow passes through numerous points (routers) and for an attacker is sufficient to compromise any one of these points in order to compromise the communication channel and its information flow.
However, with VPN, even if the communication channel is compromised, ones cannot be harmed or the harm will be because the VPN connection is encrypted and cannot be decrypted and thus read. When an attacker captures VPN traffic he will be able to see only incomprehensible characters going from you to a VPN server. Thus, the attacker is not even able to see to the remote resources (sites, chats, etc).
Privacy protection:
As soon as ones are connected online with your pc or mobile phone, they are leaving traces such as the IP address and Internet service provider. This ultimately reveals essential personal information. Instead, to protect your privacy you should use VPN again. Thus, with VPN whenever visit web sites, listen to radio, chat, etc. you will be identified with the VPN provider, i.e. his IP address, location etc. Essentially, the vpn user’s IP address and personal details will remain hidden.
Access to restricted resources:
Sometimes service providers such as online radios, TVs, etc restrict access only to clients within certain geographical areas or Internet service providers. Other times company policies prevent employees to connect to generally available sites or resources such as Facebook. Such not always reasonable restrictions leave you with no option but to use VPN. VPNs have multiple points of presence in different geographic regions. The fact that you are identified only with the VPN provider allows you to circumvent any geographical restrictions.
Nice post! In addition, VPN makes IP address so that reducing DDOS attacks and possibilities of hacks. it also hides users geo-location, so that can be used to create an impression that the user is browsing from a different location and also allowing to access geo-blocked websites.
Good post Yu Ming, it is informative. have something want to add is about the disadvantage. ‘ve got a yearly subscription to a VPN service which is real quick and from the research I did at the time seems to be pretty legitimate, but are there any disadvantages or scenarios where you perhaps shouldn’t use a VPN?
I’m from the China and I usually just have the VPN setup to automatically route everything through a VPN server located in Fuzhou Fujian.
If for example, say that I want to connect to my online bank account, am I putting my credentials and packets are risk by having them sent over the VPN server? – I’m assuming that the banks login page is pretty secure already so by routing through a VPN server am I creating extra risk by routing over this third party?
What is OSI model? What’s the main function of each OSI layer?
OSI Model
1. Describes how data moves from one system to another system.
2. describe how to build applications, protocols, and equipment that move data from your application to the physical wire, across hundreds or thousands of miles, to an application on the other side.
OSI model contain seven layers and each layer has different function.
Layer 1: Physical
Defines the physical link, cabling and binary transmission. Also deals with Modulation and flow control
Layer 2: Data link
Links data on host from one location to another, typically on the local area network (LAN) but sometime on wide area network (WAN)
Layer 3: Network
Routes packets between networks
Layer 4: Transport
Deals with transport issues such as getting to the destination in one piece and error control
Layer 5: Session
Deals with setup and management of sessions between computer applications
Layer 6: Presentation
Handles formatting, encryption, compression and presentation of data to the application
Layer 7: Application
Represents the end user application such as HTTP, file transfer protocol, simple mail transport protocol or telnet
Source:
IT auditing: Using Control to Protect Information Assets
1. What is OSI model? What’s the main function of each OSI layer?
OSI stands for open systems interconnection. it was created to help standardize communication between computer systems. it defines a networking framework to implement protocols in seven layers.
1) the physical layer: defines the electrical and physical specifications of the data connection. Physical examples include Ethernet, FDDI, B8ZS, V.35, V.24, RJ45.
2) the data link layer: provides node-to-node data transfer, a link between two directly connected nodes. Data Link examples include PPP, FDDI, ATM, IEEE 802.5/ 802.2, IEEE 802.3/802.2, HDLC, Frame Relay.
3) the network layer: provides the functional and procedural means of transferring variable length data sequences from one node to another connected to the same network. Network examples include AppleTalk DDP, IP, IPX.
4) the transport layer: provides the functional and procedural means of transferring variable-length data sequences from a source to a destination host via one or more networks, while maintaining the quality of service functions. Transport examples include SPX, TCP, UDP.
5) the session layer: controls the dialogues (connections) between computers. Session examples include NFS, NetBios names, RPC, SQL.
6)the presentation layer: establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. Presentation examples include encryption, ASCII, EBCDIC, TIFF, GIF, PICT, JPEG, MPEG, MIDI.
7) the application layer: is the OSI layer closest to the end user, which means both the OSI application layer and the user interact directly with the software application. Application examples include WWW browsers, NFS, SNMP, Telnet, HTTP, FTP
Agree with you Yulun,
The first layer of the seven layers of Open Systems Interconnection (OSI) network model is called the Physical layer.
The second layer of the seven layers of Open Systems Interconnection (OSI) network model is called the Datalink layer.
The third layer of the seven layers of Open Systems Interconnection (OSI) network model is the Network layer. The fourth layer of the seven layers of Open Systems Interconnection (OSI) network mode is the Transport layer.
The position of Session Layer of the Seven Layered Open Systems Interconnection (OSI) model is between Transport Layer and the Presentation Layer.
the presentation layer: establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. Presentation examples include encryption, ASCII, EBCDIC, TIFF, GIF, PICT, JPEG, MPEG, MIDI.
the application layer: is the OSI layer closest to the end user, which means both the OSI application layer and the user interact directly with the software application. Application examples include WWW browsers, NFS, SNMP, Telnet, HTTP, FTP
2. What are the advantages of VPN?
VPS stands for virtual private network. It is a group of computers networked together over a public network (the internet). VPS secures the computer’s internet connection to guarantee that all of the data we are sending and receiving is encrypted and secured. Student/worker can use provided VPN from their school or company to access resources on their network when they’re at home or traveling. Other advantages include share files, online anonymity, unblock websites and bypass filters, change IP address, better performance and reduce maintenance costs.
The OSI, or Open System Interconnection model is a conceptual networking model of how network systems are supposed to communicate to each other. The model breaks down different components of network communication into layers. The model consists of 7 layers :
1) Application layer : This is the layer that the user interacts through. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication. This layer supports application and end-user processes Eg: Browser, Email client.
2) Presentation layer : The presentation layer establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. This layer provides independence from data representation (e.g., encryption) by translating between application and network formats. The presentation layer transforms data into the form that the application accepts. This layer formats and encrypts data to be sent across a network. It is sometimes called the syntax layer.
3) Session layer : The session layer creates, manages and terminates the connections between computers (local and remote computer).
4) Transport : The transport layer Decides how much information should be sent at one time. Deals with the transport of data back and forth from a source to a destination host via one or more networks, while maintaining the quality of service functions.
5) Network : The network layer provides the functional and procedural means of transferring variable length data sequences (called datagrams) from one node to another connected to the same network. It translates logical network address into physical machine address. Network layer is involved in structuring and managing a multi-node network, including addressing, routing and traffic control. Routers operate at the network layer
6) Data link : The data link layer provides node-to-node data transfer—a link between two directly connected nodes. It detects and possibly corrects errors that may occur in the physical layer. It, among other things, defines the protocol to establish and terminate a connection between two physically connected devices. It also defines the protocol for flow control between them. Eg: Switches
7) Physical : The physical layer defines the electrical and physical specifications of the data connection. It defines the relationship between a device and a physical transmission medium. Eg. Wiring/cabling
VPN stands for Virtual Private Network, it is a network technology that creates a secure network connection over a public network such as the Internet or a private network owned by a service provider.
VPN has the following advantages:
1. Data is kept secured and encrypted when you connect to the network through a VPN.
2. VPN increases productivity because with the remote control feature, the information can be accessed anywhere remotely.
3. With the VPN service, it makes convenient for people sharing files for long period of time.
4. VPN Allows people to access both web applications and websites anonymously.
5. VPN services are very useful for accessing blocked websites or for bypassing internet filters, especially for counties where internet censorship is applied.
6. VPN can provides people with change IP address if needed.
7. VPN solution provides better performance because it increases bandwidth and efficiency of the network.
8. Implement VPN reduces maintenance cost.
Agree with you, VPN has many advantages, but it also provide some opportunities for bad guy to hide themselves from being investigated as VPN Allows people to access both web applications and websites anonymously.
A VPN allows companies to securely transit data to an external network/device. Data transmitted through a VPN is encrypted so even if it is compromised, it is still safe. Businesses often need to access and transmit data to a remote server, or allow an employee to access a network from another location. Even with a secure infrastructure there is still the possibility of an intrusion, which increases when data travels remotely. A VPN is is an important component to information system security and provides many advantages including:
* Save money by allowing employees to work remotely by lowering traveling costs and office space
* Increase productivity because employees can access the network anywhere in the world securely
* Securely connect geographically dispersed corporate locations
* Works with most protocols, so it is easy to deploy and use – saves money by not needing a secure line
* User friendly
* Anonymity Can change an IP address, can be important depending on the data or if an employee is in
foreign country
* Low cost
Firstly, what is the VPN?
A Virtual Private Network (VPN) is a method used to add security and privacy to private and public networks, like WiFi Hotspots and the Internet. VPNs are most often used by corporations to protect sensitive data.
Then, how it works?
VPN allows you to have your connection encrypted and secure to become anonymous online and to keep your traffic data private and safe from hackers, government censorship, and other dangers of the internet. VPN also helps you get access to to block content because of geolocation, some online content such as video, music, news, search engines, etc. maybe unavailable from certain countries and locations. Using a VPN service allows you to log into a server located in a place from where the content is available.
lastly, what is the value?
The VPN gives you privacy freedom and security. It is very useful when you do your online banking, use WIFI hotspots shopping online, etc.
but something you needs to notice that not all VPN service providers are worth your trust.
You are absolutely right! Even though VPN has so many advantages but not all VPN service providers are trustworthy. It’s very important to find the best VPN service for your needs. Things should be take into consideration such as:
-What Protocols Do They Support?
-How Many Servers Do They Have and Where?
-How Many Concurrent Connections Are Allowed?
-Do They Throttle Connections, Limit Bandwidth, or Restrict Services?
-What Kind of Logs, If Any, Do They Keep?
-What Payment Methods Do They Offer?
-Do They Have a Kill Switch System?
Great points Jianhui, VPN gives you the ability to work without being bother and track. You are anonymous online like you said when connected to the VPN and you are safeguard against attackers. It is a good way to work if you do not want anyone monitoring what you do and it certainly helps sometimes to be under the radar. Being able to access the VPN from anywhere is also a plus and gives you the freedom to work anywhere and not being constantly monitor. It also gives you the ease of mind to know that you are secure and attackers cannot access what your working on.
What is OSI model? What’s the main function of each OSI layer?
* The OSI model is a reference/framework for vendors/developers to create products with interoperability. It is the primary method of communication between two endpoints in a telecommunication network. The model is comprised of seven layers from which data flows from one application to another, passing through each layer.
* Layer 7: The application layer: communication partners are identified and serves as a gateweay for the
application to access the network
* Layer 6: The presentation layer: essentially a translator because it translates the data from the
application’s format into a common format to send, and then the is translated again at the receiving end
* Layer 5: The session layer: facilitates a connection between processes on different networks/machines
* Layer 4: The transport layer: moves the message from one application to its destination error free
* Layer 3: The network layer: accurately directs and routes the data in the correct direction, and also for
incoming messages
* Layer 2: The data-link layer: transports data from each node over the physical layer
* Layer 1: The physical layer: Hardware which carries the message through the network
What is OSI model? What’s the main function of each OSI layer?
OSI stands for Open System Interconnection, OSI model is a standard reference model for communication between two end users in a network.
ISO has 7 layers, each layer has well defined functions. Seven layers are divides into two groups. The low layers (1, 2, 3 and 4) are transport service layers, they are necessary to the routing of information between the two concerned ends and depend on the physical medium. The higher layers (5, 6 and 7) are responsible for the data processing relative to the management of exchanges between information processing systems. Layers communicate with adjacent layers only, it allows layers to change without effecting other layers, as long as compatible with adjacent layers.
Layer 1—The physical layer:
This layer transmits bits from one computer to another and regulates the transmission of a stream of bits over a physical medium. This layer defines how the cable is attached to the network adapter and what transmission technique is used to send data over the cable.
Layer 2—The data-link layer:
This layer package raw bit from the Physical layer into frames (logical, structures packets for data). It is responsible for transferring frames from one computer to another, without errors. After sending a frame, it waits for an acknowledgment from the receiving computer.
Layer 3—The network layer:
This layer handles the routing of the data, addresses messages and translates logical addresses and names into physical addresses. It also determines the route from the source to the destination computer and manages traffic problems (flow control), such as switching, routing, and controlling the congestion of data packets.
Layer 4—The transport layer:
This layer handles error recognition and recovery, manages the end-to-end control (for example, determining whether all packets have arrived) and error-checking. It ensures complete data transfer.
Layer 5—The session layer:
This layer allows applications on different computers to establish, use, and end a session/connection. This layer establishes dialog control between the two computers in a session, regulating which side transmits, and when and how long it transmits.
Layer 6—The presentation layer:
This is a layer, usually part of an operating system, that converts incoming and outgoing data from one presentation format to another (for example, from a text stream into a popup window with the newly arrived text). This layer also manages security issues by providing services such as data encryption and compression. It’s sometimes called the syntax layer.
Layer 7— The application layer:
This is the layer at which communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. It represents the services that directly support applications such as software for file transfers, database access, email, and network games.
Great answer, Wen Ting. I especially liked the mnemonics you shared. Would you say that a part of the Operating system could be considered as a presentation layer ? A core Network guy I know, seems to refuse to believe that the OS has anything to do with the OSI model.
Great mnemonics! Wenting! but I want to learn more about how the second mnemonic can help me remember the seven layers? Do not tell the sales people anything, and what does it connect with the OSI model and what does anything mean to you?
Hi, Yu Ming
I actually found this online, it’s shared in one of the tutorial video. I thought it’s interesting so I would like to share with everyone. Back to your question, I don’t think “Please Do Not Tell Sales People Anything” connects with the OSI model be honest. Maybe because sales people and consumers like us are two parties like two end users in a network which we need to communicate?? I think it really depends on what makes you remembers the first letter of each seven layers of the OSI model. Another one I found is “Please Do Not Throw Sausage Pizza Away”.
Good post, I like the mnemonics you shared very much. Would you say that a part of the Operating system could be considered as a presentation layer ? one of my friends, seems to refuse to believe that the OS figured out the OSI model.
What is OSI model? What’s the main function of each OSI layer?
Layer 1: Physical Layer
This is first layer in ISO model, represents physical characteristics of operating system communication channel including electronics specifications and optical signals used for communication. It manages network media types like CAT5 Twisted Pair, SFP Optical Fiber, connection interface characteristics, and any other specification for putting transmission signals on physical media. However, data transmission over physical media is function of Layer 2 while layer 1 is confined to physical aspects of the transmission media.
Layer 2: Datalink Layer
The DLL (Data Link Layer) resides between physical layer and Network layer. DLL provides data transmission validation for data being transported over the network. The DLL is logically divided into two sublayers: Media Access Control (MAC) sublayer, and the Logical Link Control (LLC) Sublayer. DLL MAC (hardware) address uniquely identify individual network card (NIC), used for inter-switch routing with ARP protocol (address resolution protocol), while LLC is responsible for end to end flow control of data frames transmitted, perform data transmission error checking.
Layer 3: Network Layer
The network layer is managing logical addressing of data packets and delivery to destination. Routers are special appliances used to perform network layer routing functions. The logical addresses are called IP address (Internet protocols) , are used to identify a computers and network addresses.
Layer 4: Transport Layer
The Transport layer manages the breaking of data packets into smaller chunks, transportation of data packets to computer on the other end, with different degrees of delivery assurance (reliable or unreliable).
Example of reliable transmission is connection oriented protocol TCP (Transmission Control Protocol), once a connection is established, data is sent from source to destination and waits for acknowledgment of receipt before it sends another data stream .
Example of unreliable transmission is UDP (User Datagram Protocol) is connectionless where multiple packets are send to destination without waiting for acknowledgement back (email).
Layer 5: Session Layer
The session layer is responsible for establishing, managing, and releasing connections between applications running on source and destination computers. This layer integrates function of transport layer to provide management capabilities to enhance control over transport layer functions.
Layer 6: Presentation Layer
Presentation layer converts application data into proper format to be sent by transport layer. Presentation layer performs other functions like compression, encryption, ASCII code conversion.
Layer 7: Application Layer
Application layer is the layer with human readable traffic generated on user or operating system level.
Example: user connecting to amazon site from laptop, the application layer manages all http and https traffic between laptop and e-commerce web site.
What are the advantages of VPN?
VPN or virtual private network protocol is used to extend local area network “LAN” data resource access to users connecting remotely with high degree of security and privacy. The remote systems (Laptop, PC, Server) uses VPN protocol to securely connect to LAN systems as if the remote system in part of the local area network “LAN”. Once connected, traffic between remote systems and local LAN data resources is encrypted with one of the encryption algorithm like IPSec to protect information transmitted on connection channel.
what is OSI? and what is the function of each layer of OSI?
OSI is short for open system interconnection. It is a conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology. Its goal is the interoperability of diverse communication systems with standard protocols.
OSI has 7 layers.
1. physical: a direct point-to-point data connection.
2. data link: a reliable direct point-to-point connection.
3. Network: addressing, routing and delivery of datagrams between points on a network.
4. transport: reliable delivery of segments between points on a network.
5. session: interhost communication, managing session between applications
6. presentation: data representation, encryption, covert machine dependent data to machine independent data.
7. application: network process to application
Question 1: What is OSI model? What’s the main function of each OSI layer?
The OSI model stands for the Open System Interconnection Reference Model, which is a conceptual model that “characterizes and standardizes the communication functions of a computing system…” This model initially developed by the International Organization for Standardization (ISO). The OSI model has seven layers:
— Layer 7: Application: he application layer serves as the window for users and application processes to access network services.
— Layer 6: Presentation: The presentation layer formats the data to be presented to the application layer. It can be viewed as the translator for the network.
— Layer 5: Session: The session layer allows session establishment between processes running on different stations.
— Layer 4: Transport: The transport layer ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers.
— Layer 3: Network: The network layer controls the operation of the subnet, deciding which physical path the data should take based on network conditions, priority of service, and other factors.
— Layer 2: Data link. The data link layer provides error-free transfer of data frames from one node to another over the physical layer, allowing layers above it to assume virtually error-free transmission over the link.
— Layer 1: Physical. The physical layer, the lowest layer of the OSI model, is concerned with the transmission and reception of the unstructured raw bit stream over a physical medium.
The layer 1 to layer 3 consist the Media layers; and layer 4 to layer 7 belongs to the Host layers.
Good summary of OSI model, the model is more of a conceptual abstraction of end to end data flows. In real network and systems configuration some of the layers are combined , others are spanning multiple layers.
What is OSI model? What’s the main function of each OSI layer?
The Open Systems Interconnection (OSI) Model is a conceptual and logical layout that defines network communication used by systems open to interconnection and communication with other systems.
Physical: the lowest layer of the OSI model, is concerned with the transmission and reception of the unstructured raw bit stream over a physical medium
Data-Link: Provides error-free transfer of data frames from one node to another over the physical layer, allowing layers above it to assume virtually error-free transmission over the link.
Network: Controls the operation of the subnet, deciding which physical path the data should take based on network conditions, priority of service, and other factors.
Transport: Ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers
.
Session: Allows session establishment between processes running on different stations.
Presentation: Formats the data to be presented to the application layer. Translates data from a format used by the application layer into a common format at the sending station, then translate the common format to a format known to the application layer at the receiving station.
Application: Serves as the window for users and application processes to access network services.
Security – A VPN connection between a user and the remote resources are encrypted. Thus, if the user’s VPN traffic is compromised, the user will not be harmed because the attacker will not be able to see what remote sources the user is connected to.
Privacy Protection – Connection through a VPN will not leave behind a user’s IP address and personal details. Since the traffic is encrypted, the user’s internet usage cannot be tracked or monitored.
Access to Restricted Resources – Certain service provider sites restrict access to specific geographic locations. Since, a VPN hide the user’s personal details the user is able to access those sites.
Great point Yang, with the security feature the user is protected against outside attacks. So if the user is at home and an attack happens, the attacker would not know the location of the user since the VPN IP address is at a different location of the VPN. So the user is protected and the user can work in privacy since the attacker would not like you said be able to view what files they are working on. So security is an advantage of VPN. It safeguards the user and the companies resources from outside attacks since they do not have access to the network.
Good Point Yang, I see tunneling is the biggest advantage of VPN, creating separate tunnel per remote user , each tunnel if fully secured using IPSec .
Question 2: What are the advantages of VPN?
The first advantage is the security of VPN. The PC users usually connect the internet through cables, but it also allows the attackers to locate the users’ IP address. However, by using the VPN, the data from users’ machine to the VPN servers is encrypted, so it enhances the difficulty to attack for hackers, and it also prevents attackers monitoring the users’ operating system. In addition, the VPN also allows PC users break the internet limitation like the Great Firewall of China (GFW). For example, the GFW will lock the oversea IP addresses so the internet users in mainland China are limited in using some websites like YouTube and Facebook. However, by using the VPN, these users in limited areas can visit the websites without being affected by the GFW.
Exactly, to jump the GFW, users should find a VPN service provider with an oversea IP address, but this also brings a new problem that the oversea VPN servers may lower the speed of uploading and downloading the files.
Great Post! Very informative. I always new about the limited internet access in China, but never thought of it because it never affected me. It did affect a friend of mine who went to China for business. She could only access facebook when she was at work. I assume the company had a VPN.
I do remember reading about this and found the article. The United States has declared the GFW a trade barrier. This is nothing new and don’t know where it will go but remember reading it at a conference in NY.
What is OSI model? What’s the main function of each OSI layer?
OSI model stands for Open Systems Interconnection model. It is a model that characterizes and standardizes the communication functions of a telecommunication or computing system regardless of its internal structure and technology. Its goal is to allow diverse communication through systems with standard protocols. This model partitions communication systems into layers.
Layer 1 – Physical: Transmission and reception of raw bit streams over a physical medium
Layer 2 – Data link: Reliable transmission of data frames between two nodes connected by a physical layer
Layer 3 – Network: Structuring and managing a multi-node network, including addressing, routing and traffic control
Layer 4 – Transport: Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing
Layer 5 – Session: Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes
Layer 6 – Presentation: Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption
Layer 7 – Application: High-level APIs, including resource sharing, remote file access https://en.wikipedia.org/wiki/OSI_model
What are the advantages of VPN?
– Data is kept secured and encrypted.
– Remote access and control to data.
– Share files
– Online Anonymity – can search websites privately
– Better performance – bandwidth and efficiency of a network are increased.
– Reduce costs – once VPN network is created the maintenance cost is really low. https://www.ibvpn.com/2010/02/8-advantages-of-using-vpn/
What is OSI model? What’s the main function of each OSI layer?
The Open Systems Interconnection (OSI) model is to provide a protocol suite used to develop data-networking protocols and other standards to facilitate multivendor equipment interoperability, composed of seven layers, each specifying particular specialized tasks or functions:
Application layer: it provides an interface to the network and communicates the computer’s available resources to the rest of the network;
Presentation layer: it converts data into a format acceptable by the network and provides common communication services.
Session layer: it manages all conversations, data exchanges and dialogs between the application layers.
Transport layer: it provides reliable and transparent transfer of data between end points, end-to-end error recovery and flow control.
Network layer: it is responsible for routing and forwarding through IP addresses.
Data link layer: it provides for the reliable transfer of data across a physical link.
Physical layer: it provides the hardware that transmits and receives the bit stream as electrical optical or radio signals over an appropriate medium or carrier.
According to Microsoft Support, the Open Systems Interconnet (OSI) model was established by the International Standards Organization in 1978, to allow communications between different data transfer applications. (Microsoft, n.d.) The OSI allows for different interfaces to communicate by flowing through the 7 layers.
Layers:
1. Physical
a. Allows for communication between the devices on the computer.
2. Data Link
a. Allows for the transfer of data over the physical layer.
3. Network
a. Allows for the delivery of data.
4. Transport
a. Allows for the flow of traffic.
5. Session Layer
a. Establishes connection between two end-points.
6. Presentation
a. Displays data in a uniformed way.
7. Application
a. Connects applications to networked services
While researching the OSI, I found many confusing explanations. One from TechTarget says, “And although useful for guiding discussion and evaluation, OSI is rarely actually implemented, as few network products or standard tools keep all related functions together in well-defined layers as related to the model. The TCP/IP protocols, which define the Internet, do not map cleanly to the OSI model.”.
What is an OSI Model? What is the main function of each layer?
• The OSI model is a seven-layer hierarchical model that shows the communication and data flow through each computer system.
o Physical (Layer 1)
The physical components (cabling, etc) that keep the network together.
o Data Link (Layer 2)
This layer includes switches and links data between locations.
o Network (Layer 3)
Routers operate at this layer, where they move packets of data between IP addresses.
o Transport (Layer 4)
Decides how much information will be communicated from each destination
o Session (Layer 5)
Deals with communication creating a session with the web server you are trying to get data from.
Creates a session between where your computer is trying to get information from.
o Presentation (Layer 6)
The layer that the operating system is on.
The Application layer sends information to the Presentation layer
o Application (Layer 7)
The layer that the end-user interacts with. Applications that the user interacts with are contained within this level (Firefox, Outlook, etc)
What are the advantages of VPN?
• A VPN (virtual private network) is a way of connecting to another network securing over the internet.
• Advantages of VPN are:
o Data encryption – Data is encrypted when sent over a VPN, which can help the security of the data if the network is entered by a hacker
o Low cost
o Employees can access the network from without needing to be physically in the office, thus remote workers can access resources.
o Tunneling Protocol – If the path/tunnel from which the data is moving through is comprised, the data is purged from the tunnel thus setting up another level of security.
Daniel good list, I liked the employees being able to access the network without needing to be in the office. At my old job I was given a laptop and was able to login to the companies server anywhere as long as there was Wi-FI. That made it a lot easier to perform my work and access my projects located on the companies server. Great benefit since I can work from home, well from anywhere really and be able to connect to other co-workers who are also connected to the VPN. It made the job more easier and flexible since if there was any issue, I could login and sign over the program that was sign out to myself back in so that the other user needing it can have it.
What are the advantages of VPN?
Virtual private network are beneficial for companies since they have their own private server that outside people cannot access. This negates the risk of people stealing information about the company. The VPN is secure and only employees are able to access the network. Employees are able to use features on the network such as share files between each other and access the network remotely. Thus VPN enhances security within the company since only employees can access, it is better performance since they are able to access the network anywhere with the proper login or companies laptop, and it reduces cost for the company.
What is OSI model? What’s the main function of each OSI layer?
The Open System Interconnection (OSI) model is a network framework to implement protocols through 7 different layers.
1. Physical – Equipment use to transfer information between systems, examples are wires, Ethernet cords, cards, etc.
2. Date Link – Data is encoded and decoded into bits. Divided into two different layers, Media access control and logical link layer.
3. Network – Information is transfer through technology by logical pathways, also known as virtual circuits.
4. Transport – Information is transfer between systems or host.
5. Session – Applications is establish, manage or terminates in this layer.
6. Presentation – Information is sorted by differences by type and translated through application to network format and vice versa.
7. Application – The end user process layer, where they are able to send the information through file sharing or email etc.
A Virtual Private Network uses tunneling to allow for uses in a private network to communicate through a public network, without the risk of the information being intercepted by hackers. This means a person can work at a remote location (Home, Hotel, Restaurant, ect.) and have the data encrypted to ensure secure transmission, over a non-secure network.
Another benefit would be a more productive workforce. Providing a secure connection to the private network will allow for work tasks to be completed anywhere with an internet connection. Increasing employee production.
There are also cost savings for the business if the work of the employee requires working from a remote location. A VPN allows the employee to utilize their own equipment, reducing hardware and support costs associated with the job.
The biggest advantage is worker’s ability to work remotely over a secure tunnel. I would recommend anyone who uses public WiFi to use a VPN connection. There are cheap services that will allow for this and some phone service providers offer VPN services. You don’t want someone to see you went to a bank website and gain your information at a coffee shop.
What is OSI model? What’s the main function of each OSI layer?
The OSI model is a conceptual model that has 7 layers to describe how computers communicate with each other over a network. It shows the flow of traffic through the various stages from the applications layer (the user interface layer) all the way down to the Physical Layer (the medium that the information is transported from computer A to computer B) back up to the Application layer of the target machine.
The Layers are as follows:
(7) Application Layer – supports end-user processes and as the name mentions the applications. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified.. Provides application services for file transfers, email, and other network software services. (Telnet and FTP)
(6) Presentation Layer – Provides independence from differences in data representation (encryption) by translating from application to network format. Transforms data into the form the application layer can accept. (ASCII, GIF, JPEG, etc.)
(5) Session Layer – Establishes, manages and terminates the connections between applications. (NetBios names, SQL, NFS, etc.)
(4) Transport Layer – Provides transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. (TCP, UPD, etc.)
(3) Network Layer – Switching and routing technologies live here. They create logical paths, or virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer as well as addressing, error handling and pack sequencing. (IP, AppleTalk, etc.)
(2) Data Link Layer – data packets are encoded and decoded into bits. This contains 2 sub layers (1) Media Access Control and the Logical Link Control layers. MAC controls how a computer on the network gains access to data and permission to transmit. The LLC layer control frame synchronization, flow control and error checking.
(1) Physical Layer – This is the medium that the bit stream is sent over via electrical impulse, light, or radio signal. This provides the hardware means of sending and receiving data on a carrier including defining cables, cards, and physical aspects. (Ethernet, B8ZS, RJ45, etc.)
The top 5 advantages of a VPN are Security, Privacy Protection, Access to restricted resources, and better connectivity. VPNs secure otherwise public networks by encrypting traffic so anyone monitoring the traffic flow will get meaningless characters instead of useable data. When using an established VPN personal information such as IP addresses, locations, etc are hidden. Additionally VPNs are a cost-effective way to leverage public networks for private or confidential traffic without the heavy investment of leasing a private network from a service provider. And lastly, using a VPN establishes an intelligent network where the traffic can follow the most efficient route to the end user/server that you are communicating with.
What is OSI model? What’s the main function of each OSI layer?
OSI (Open Systems Interconnection) is reference model for how applications can communicate over a network. A reference model is a conceptual framework for understanding relationships. The purpose of the OSI reference model is to guide vendors and developers so the digital communication products and software programs they create will interoperate, and to facilitate clear comparisons among communications tools. Most vendors involved in telecommunications make an attempt to describe their products and services in relation to the OSI model. And although useful for guiding discussion and evaluation, OSI is rarely actually implemented, as few network products or standard tools keep all related functions together in well-defined layers as related to the model. The TCP/IP protocols, which define the Internet, do not map cleanly to the OSI model.
VPN is popular both among home and corporate users. Its popularity is due to the fact that it brings unmatched benefits in an interconnected world full of challenges to information security and privacy.
VPN has unique advantages from which the top ones are improved security, privacy protection, access to restricted resources and better connectivity.
Shizhong, nice post. To elaborate further, a few other advantages of VPN are enhancing security as the data is encrypted, better performance as you increase the bandwidth of your network and reducing costs.
In today’s world, with the traditional “work at the office” model of job productivity being shifted to a work at home model, having a VPN has become more important than ever. If you work remotely you must do so securely. A VPN enables secure, safe remote login to systems which in turn enables companies to offer flexible time to employees and expand their talent pool to individuals who may not be physically nearby to the company. It can also assist with outsourcing IT functions to vendors without worry that connections to their internal systems may be unsecured or vulnerable to attack.
The OSI model lays out and describes the characteristics of the communications functions that underlie any generic telecommunication or computing system.
(1) Physical – conveys the bit stream through the network at the mechanical and electrical level.
(2) Data Link – data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization.
(3) Network – provides switching and routing technologies, creating logical paths known as virtual circuits, for transmitting data from node to node.
(4) Transport – provides transparent transfer of data between end systems and is responsible for end-to-end recovery and flow control.
(5) Session – establishes, manages, and terminates connections between applications.
(6) Presentation – works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems.
(7) Application – provides application services for file transfers, e-mail, and other network software services.
What are the advantages of VPN?
There are many advantages of VPN. From a security perspective, virtual private networks offer a higher level of protected communications unlike other remote methods of communication. This is because advanced technologies are used to protect the network from any unauthorized access. From a cost perspective, when it comes to operating a VPN within an organization the costs are lower than other types of configurations. This is because the lack of variables for different types of communications over the VPN and the opportunity to communicate securely at the low cost in other areas of the world. Essentially, VPN is a popular technology which offers more flexibility for business associates to communicate over a secure connection without sacrificing security.
Absolutely, I agree with you. Security is one of the biggest challengers in today’s interconnected world. Local security solutions such as antivirus, firewall, etc., are not sufficient to protect you unfortunately. A separate, external solution is needed to protect the communication from you to the outside world.That’s where VPN comes to play. VPNs secure the otherwise insecure connection between you and remote resources. VPNs should be used especially in public networks such as WiFis. In any case, as a general rule no network should be considered secure because the communication flow passes through numerous points (routers) and for an attacker is sufficient to compromise any one of these points in order to compromise the communication channel and its information flow.
Along with security VPN provides access to remote systems. This helps connect to systems even when you are not physically present serving the important component, availability.
In fact, VPN allows individual users to establish secure connections with a remote computer network. The users can access the secure resources on that network as if they were directly plugged in to the network’s servers. For example, salespersons of a large firm can access the firm network via VPN when they are in the field.
To add to your point Priya, It provides secure data transmission through the virtual network by encrypting and sending it.
I agree, the security aspect of VPN is incredibly important. With more and more people working remotely, the risk of security breach increases. There are some people who, if their systems allow it, will do their work over a Starbucks connection, which of course is not secure at all and very, very risky so far as the risk of data loss goes. VPN helps mitigate these risks.
At the same time, it can be a way for the hackers or other criminal organizations to remain hidden? In fact, some people use VPN because they want to stay anonymous. VPNs present several advantages but they also open new securities issues, as we can’t monitor them.
To add to that as VPN hides the location details of the person accessing the network, it is easily used to access the sites which are banned by the government posing as a user from a different country.
A VPN can definitely open up new security issues. It’s a difficult balance between building secure architecture and applications and preventing its use for nefarious activities. But it’s not possible at the moment to maintain the integrity technology like VPNs while prevent these issues. From my personal experiece, I know people who use VPNs to download movies and music illegally. The VPN masks their identity and activity and enables this type of activity. On the other hand, I use a VPN when I’m on a public or unsecured wifi because of the same benefits.
Once a user established VPN connection to his/her company’s next work, the node he/she logged in becomes part of the company’s network….what controls a company should deploy to mitigate the risk caused by the activities you mentioned above, such as downloading movies and music illegally?
I believe preventive control should taking place to mitigate the risk such as downloading movies and music illegal. Preventive control such as set up authorization of websites that employees can visit. I remembered when I was back in high school, we use to have independence study class. I was trying to watch something on Youtube but I wasn’t allowed to because authorization is required.
Absolutely, preventative controls similar to “parental controls” should be used to block websites that are not approved by the company. I also believe “getting caught” can be a strong deterrent for future misuse. There could be a type of alerting/logging system set up that monitored what sites a user visited. If a site they visited is on a list of flagged sites (facebook, youtube, etc.) an automatic email could be sent to the user letting them know that they visited a restricted site. Just sending a notice to the user that their activity is being monitored could prevent them from doing it again.
Said – What controls should be implemented to mitigate the risk you referred to here?
Said, great point. VPN are used to both protect data, but also are commonly used for privacy issues as well. I know on the darkweb VPNs are constantly used to protect the privacy of the end user
Here are some of the alternatives to VPN:
* PC Anywhere – Involves buying the (somewhat expensive) PC Anywhere software & installing/configuring it on the office PC and on the remote. Once purchased, there are no operational costs other than the occasional upgrade.
* GoToMyPC, from Citrix – subscription based model, where you pay a monthly/annual fee to use their Internet service to connect to your office (or home) PC/Mac from any Internet connected PC via a browser.
* LogMeIn – Free; Create an account on the LogMeIn site, load a small application on any PC/Mac/Server you want to connect to.
* iPad apps – If you just need access to an office or home PC/Mac from an iPad, there are apps for that! Example: Splashtop
source: http://tomkconsulting.com/news021-remote-access-alternatives.htm
Ian – Why do most of the firms choice VPN over some of the options you mentioned above?
I’m sure cost is a factor. There are some very costly solutions that are available and I’m sure they work well, but why pay more than you need to if the end result is basically the same? Additionally Ian mentioned an app on the ipad. That requires a company to not only outfit their team with macs (very expensive), but it requires them to also provide iPads to employees (also very expensive). Also, I’m not an Apple person so I can’t speak specifically to the iPad, but tablets in general aren’t nearly as secure as computers are, and viruses for such devices are becoming more common.
You’re right. Security and cost-saving are two main advantages, so many individuals and organizations choose VPN. I read an article about how VPN to keep security, one interesting method is that it could hide or change your IP address to keep you under cover when browsing from your devices, so that you could surf online without worrying that spying eyes are following you.
That’s correct, the VPN users can improve the security by using the VPN provider’s IP address and other information instead his own location. Besides the security, VPN also allowed the internet users from limited area break the online limitation. For example, the Great Firewall of China (GFW) forbid users in mainland China to visit some oversea websites, but with the help of VPN, users can change their location in different IP address, and access the shielded websites.
In my experience cost/benefit analysis is always the first analysis done when trying to select a technology for a project. While it may not be hte only one, I do believe that in my experience it carries the most weight. That being said, it does not mean that the cheapest solution is or should normally be selected, however, if there are 2 very similar options, they will almost always choose the cheaper of the 2.
The VPN will allow remote connectivity in secure manner , the VPN is good business productivity tool for mobile workforce.
One of crucial tools to secure VPN is use of two factor authentication 2FA.
Student/worker can use provided VPN from their school or company to access resources on their network when they’re at home or traveling. Other advantages include share files, online anonymity, unblock websites and bypass filters, change IP address, better performance and reduce maintenance costs.
What is OSI model? What’s the main function of each OSI layer?
The Open Systems Interconnection (OSI) model is comprised of seven layers:
-Application: partners are identified and network capacity is assessed. This layer is not directly the app itself, more of a set of services the app should use. However, some app may perform app layer functions directly.
– Presentation: a part of an OS and converts incoming and outgoing data from one format to another
-Session: sets up, coordinates and terminates conversations sessions, usually by authentication and connection
-Transport: packages data in order to deliver while checking for errors
-Network: handles the addressing and routing of the data via IP addresses over the internet
-Data Link: links data across the physical network, which consist of 2 sublayers: Logical Link Control Layer and the Media Access Control Layer. However, Ethernet is the main data link layer in use.
-Physical: It provides the streaming of data; the hardware means of sending and receiving data on a carrier network.
The main focus of the OSI reference model is guide vendors and developers so the digital communication products and software programs interoperate. The main concept of OSI is that the process of communication between two endpoints in a telecommunication network can be divided into seven distinct groups of related functions.
Source: http://searchnetworking.techtarget.com/definition/OSI
you’re right Laly. In fact, the purpose of the OSI reference model is to make networks more manageable and to aid the problem of moving data between computers.
Thanks Alex,
Yeah there are a few advantages of using the OSI reference model :
• It operates and works independently of the operating system
• It enables the inter networking between the organizations
• It has a client-server architecture
I agree of your summary of OSI mode. In nutshell, OSI is abstract model for operating systsme ocmmunication stack starting from physical media all the way up to operating system kernel. The structure describes the functions and interactions of various data communication protocols in systems.
What are the advantages of VPN?
Virtual Private Network (VPN) is a network created between you and what you access. VPN tunnels your location and encrypts your data. This acts as a cognition- no one else can see, control or influence your activity. As you can image there are many advantages of VPN.
– Hiding/ changing your IP address: Changing your IP will help you not only to unblock restricted websites, but also to hide your identity and protect your personal data from being stolen.
– Privacy: Because of encryption, VPN keeps all your Internet activity private, far from any unwanted eyes.
– Security: VPN creates a safe connection between you and the servers. This protection is really hard, almost impossible to break.
– Unblock geo-restricted sites: I know while studying abroad in Spain, I had no access to Netflix. VPN’s allow you to the possibility to access geographically blocked sites from anywhere in the world.
Excellent post, Magaly. Additional Point… Don’t try setting one up at work to circumvent network security; you’ll likely get in trouble.
Hi Joseph, Thanks for input, I didn’t do it abroad but a few of others did, just thought of it as a good example.
Laly – I accidentally posted this below as well. I meant to post it here. Great VPN advantages answer. I think a lot of your advantages depend on the planning that is needed in order to take the proper precautions that result in strong security.
Some disadvantages of a VPN is that VPN requires experienced employees that have knowledge with public networks security, password and data encryption, network address encryption,
VPN also has issues with availability and performance because VPN is difficult to control. VPN tends to have speed much slower than a traditional connection.
I will say that VPN is used when people attempt to secure their Internet connection to maintain anonymity while browsing. I know this post is about some disadvantages but I do believe that VPNs are mostly positive when secured correctly and when an individual would like to secure network accesses.
Ian I like the fact that your brought up some disadvantages of VPN.
Actually talking about security, if you want to remain anonymous online, a VPN can hide your real IP by using the VPN IP instead. However, the VPN IP is shared by an unknown number of persons, and its usage is public as long as the person subscribe a contract to the VPN provide. Therefore, by using a VPN, you open yourself to attacks such as IP spoofing.
On top of that, your IP address may be blacklisted due to the activity of another VPN user, which may result into limited or refused access into some websites.
So, VPN is very likely to reduce the trust that the destination service (bank, insurance account etc) has in you.
Valid point Alex,
Not sure if you read my reply to Ian. It most definitely coincides with your point. Some VPN service providers are not worth your trust. Some diligently log your connection times, dates, IP addresses, keep track of how long you’re connected, and some even keep an eye on the types of traffic that you send through their networks while you’re logged in. They’ll tell you it’s in order to make sure you’re not doing anything illegal, or anything that would damage their network, but that level of snooping does kind of go against the whole purpose of a VPN, doesn’t it?
An intersting article about how to select a VPN service provider:
http://www.howtogeek.com/221929/how-to-choose-the-best-vpn-service-for-your-needs/
Hey Ian,
Great point. I didn’t think about it in that regard.
However. while studying abroad everyone was raving about VPN so they could stream Netflix and their shows back home. I was reluctant to use it because, I knew you had to go through 3rd party websites to hid your VPN.
Not sure, if you have heard of HOLA.org however, after a few of my friends download the google chrome extension they experienced viruses and hacking. They later found out that Hola was selling their computers networks to anyone who was willing to pay.
An interesting article about how to select VPN vendor:
http://www.howtogeek.com/221929/how-to-choose-the-best-vpn-service-for-your-needs/
Great point Ian, VPN may slow down the speed. About having experienced employees having encryption knowledge holds true only to a person who is setting up the VPN. For a user, it is just another level of authentication they need to provide.
I have experienced that companies prefer the employees to directly connect to servers rather than saving work locally. Working locally has data retention, data clean up, intellectual property clauses. Hence setting up VPN benefits the company in having all data on their server and they can keep track of data transfer.
Ex. In case of multinational firms where employees are ;located in another country, VPN will help monitor if an important file has been sent to a personal email id of the employee.
Definitely Priya. VPN slows down the speed. It is still not a choice for the developers to do programming through VPN. Sending files and working on some data on local server is done well but for managing database and programming it is still not a choice unless and until there is an urgent need.
Also the speed related to VPN depends on the network provider the employee is using. VPN is suggested to be used when the office network is not available like if the user is working from home or onsite.
For users working remotely needs to be connected to VPN to update the patches or updates that are pending.
Binu,
I also agree with you. The speed is definitely depending on the internet providers if you are using the internet-based VPN. VPN is heavily used for the purpose of working remotely while connected to the organizations/companies network. Speed can’t be matched up to the local/physical lines; however, many organizations/companies are enjoying using the internet-based internet. Why? because it is cost-effective, secured and more than ever efficient means to work remotely.
*the internet-based VPN
Ian, you brought up a good point about the speeds over VPN being much slower than traditional internet. I agree partly to that view as the technology by itself is not designed such that speed achieved over VPN is slower than the parent connection however the different vpn clients that you use generally have a significant difference in the speeds you encounter. My previous company was earlier using a common VPN software which did give significantly lower speeds than the parent connection however the company switched over to a different and new VPN client a couple of years back and there is absolutely no noticeable difference in the speeds between VPN and the parent connection.
I totally agree with you. I want to add an example about VPN unblocks geo-restricted sites. In China, we’re not allowed to access to any Google services, but with VPN, costs 3-5 dollar for individual users, you could connect to Google, Youtube or any other blocked websites.
What is OSI model? What’s the main function of each OSI layer?
Open Systems Interconnection (OS) is reference model for how applications can communicate over a network. It guides vendors and developers so the digital communication products and software programs they create will work together without special effort on the part of the customer. OSI also facilitate clear comparisons among communications tools.
It has 7 layers of communication provided by a combination of applications, operating systems, network card device drivers/ enabling a system to put a signal on a network cable or out over Wi-Fi.
The seven layers and their main function, in descendant order are as follow:
Application: responsible for network services to applications
Presentation: transform data formats to provide a standard interface for the Application layer
Session: establishes, manages and terminates connections between the local and remote application
Transport: provide reliable transport and flow control across a network
Network: responsible for logical addressing and domain routing
Data link: provides physical addressing and media access procedures
Physical: defines all the electrical and physical specification for devices
Brou,
Interesting that you talked about domain routing in Network Layer. Since even the routers that we have at home, have a job of finding the best and the most reliable path for packets to travel. I am wondering if the routers are involved mainly on the Network layer.
Yes Abhay, routers operate mainly at the network layer. Routers handle incoming packets from various sources, determine their final destination, and then figure out where they need to be sent to get them where they are supposed to go.
Those information are stored in the “routing table” within the router…the table provides the intelligence to the router to direct the traffic.
Abhay,
Routers operate primarily at the Network Layer like you suggested. At home though it can get a little trickier in a sense. Most home routers are multi-layer switches. For example, if you have a router from Comcast Xfinity, it operates as your router (Layer 3) and as a switch (Layer 2) as well. It also will more than likely have a built-in firewall that you can manage through logging in as an admin to the switch interface.
Appreciate the input everyone.
Q2: What are the advantages of VPN?
A VPN is one solution for many organizations/businesses to establish a long-distance and secured network connections. Compared to other technologies, a VPN has several advantages which are cost saving and scalability. For the cost-saving perspective, a VPN can is beneficial in eliminating the need for expensive long-distance leased lines, reducing long-distance telephone charges, and offloading support costs. A VPN is no longer requiring organizations to rent network capacity such as T1 lines to fulfill their secure connectivity between their office locations. With a VPN, you can utilized existing public network infrastructure including the internet to make these connections. A VPN also can replace remote access servers and long-distance dial-up network connections commonly used in the past by business travelers needing to access to their company intranet. For example, with an Internet VPN, clients need only connect to the nearest service provider’s access point that is usually local. With VPNs, the cost of maintaining servers tends to be less than other approaches because organizations can outsource the needed support from professional third-party service providers. These providers enjoy a much lower cost structure through economy of scale by servicing many business clients.For the scalability perspective, Internet-based VPNs avoid this scalability problem by simply tapping into public lines and network capability readily available. Particularly for remote and international locations, an Internet VPN offers superior reach and quality of service.
Source: http://compnetworking.about.com/od/vpn/f/vpn_benefits.htm
Great post Daniel. I agree with you that the level of security an organization can achieve using VPN with a decent cost is great. However it must be ensured that the service provider for the Internet via which the network is connected must have minimal downtime and good connectivity. Otherwise the day to day business work will be impacted.
Priya,
You are absolutely right. When using the internet-based VPN, the shortcoming you should expect is you no longer have an absolute control on the connectivity of the internet. That is, if the internet providers’ server is down, your VPN will be also disconnected because your VPN is highly depending on the providers’ systems.
A good point made here. VPN helps in reducing the cost for the organisation. The Accenture case which we read mentioned the same point. Accenture established a global delivery network giving its employees a facility to work remotely and hence reducing the IT cost per person by 69% which is a big number.
In this way VPN has definitely proved its need and cost justification.
VPN helps the firm reduce the cost, correct. But how? Explain Briefly.
VPN is an alternative to what can be very costly private leased lines from a service provider. The VPN technology allows us to leverage best-effort braodband connections while still securing the mission critical traffic and keeping that sensitive information out of others’ hands. While they can still see the data, the encryption makes it essentially useless.
Absolutely, I agree with you. A VPN has several advantages which are cost saving and scalability.
VPN is a technology which creates a virtual private network to which end users are connected via an encrypted channel.
Its main advantages are as below:
Ensure security – even if the communication channel is compromised, you cannot be harmed or the harm will be minimal if you are connected to a VPN because the VPN connection is encrypted and cannot be decrypted and thus read.
Protect your privacy – with VPN whenever you visit web sites, listen to radio, chat, etc. you will be identified with the VPN provider, i.e. his IP address, location etc. Your own IP address and personal details will remain hidden.
Allow access to restricted resources- VPNs have multiple points of presence in different geographic regions. The fact that you are identified only with the VPN provider allows you to circumvent any geographical restrictions.
Better internet connection
I strongly agree with you, VPN can protect your privacy. To protect your privacy you should use VPN again. Thus, with VPN whenever you visit web sites, listen to radio, chat, etc. you will be identified with the VPN provider, i.e. his IP address, location etc. Essentially, your own IP address and personal details will remain hidden.
Just to add to your privacy point Brou, VPN also first encrypts the data before sending it to the network thus reducing the chances of data breach to minimum. This helps in maintaining the confidentiality and integrity of data.
I agree with you about security and privacy, that’s two of main serious challenges in today’s world, and I just want to add something related what you said better internet connection.
It’s not unusual that sometimes your Internet routes may not be optimal or bandwidth is limited especially connect to international online resources. which could lead to poor web experience and slow browsing. In such cases you can connect to a local VPN point of presence which further routes your traffic. This will allow you to have a bandwidth to distant destinations similar to the bandwidth available between you and your local VPN server.
I strongly agree with you. Indeed, the VPN can significantly enhance the security for the internet users. By using the VPN, people who connect the internet will directly transfer their data to the VPN servers with the coded protection. This increase the difficulty to attackers who wants to steal the information from the users. Moreover, the VPN can also lower the cost to the company, so overall, the VPN improves the security with lower cost.
The terminology is called “tunneling”…
Q1: What is OSI model? What’s the main function of each OSI layer?
The OSI Model = the Open Systems Interconnection Model
7 Layers of the OSI Medel:
1. Physical (Layer 1) – OSI Model, Layer 1 conveys the bit stream – electrical impulse, light or radio signal – through the network at the electrical and mechanical level.
2. Data Link (Layer 2) – At Layer 2, data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization.
3. Network (Layer 3) – Layer 3 provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node.
4. Transport (Layer 4) – Layer 4 provides transparent transfer of data between and systems, or host, and is responsible for end-to-end error recovery and flow control.
5. Session (Layer 5) – This layer establishes, manages and terminates connections between applications.
6. Presentation (Layer 6) – This layer provides independence from differences in data representation by translating from application to network format, and vice versa.
7. Application (Layer 7) – Layer 7 supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified.
Source: http://www.webopedia.com/quick_ref/OSI_Layers.asp
I agree with you. The layer has two types. One is host layers, which were including Application layer, Presentation layer, Session layer, and Transport layer. Another one is Media layers, which were including Network layer, Data link layer, and Physical layer.
Daniel, it must be noted that the OSI model is an abstract model that provides a framework that defines the functions of each layer. In other words the OSI standard defines the interfaces between the layers and as the data is passed from layer to layer, each layer adds its own information.
Brou,
Great points! As you said, as the data goes from each layer to the next information is either added to or stripped from the data depending upon whether the data is being sent or received. Many layers add or strip a “header” to the data as it passes through, and those headers tell the system various pieces of important information like what part the data is in a series of data, is the data damaged, is the data a “jumbo frame,” etc. Trying to remember every flag that can be added/checked is a nightmare. Also, it helps to remember where in the OSI model data is referred to as a segment, a packet, and a frame.
Sean, well explained. Challenge question: can you explain to the class on Wednesday, how OSI layers map to TCP/IP?
Professor, I can certainly do my best.
Dan,
In addition to transparency, Transport Layer also provides reliability by making sure that when data is broken into different packets, they are also received in the correct sequence to by the receiver.
Yes, rightly said Abhay. The transport layer has the error detection and correction capabilities.
Abhay,
Thank you for pointing it out! You are correct. The transport layer should oversee the process of data transfer in respect to transparency and reliability as you said. In this phase of OSI model, flow control is very important. You don’t want to see broken data or missing data in the end of receiving them.
According to TechTarget.com, the OSI model is: is “a reference model for how applications can communicate over a network. A reference model is a conceptual framework for understanding relationships. The purpose of the OSI reference model is to guide vendors and developers so the digital communication products and software programs they create will interoperate, and to facilitate clear comparisons among communications tools.”
The OSI Model has seven layers:
The physical layer focuses on the transmission and reception of the unstructured raw bit stream over a physical medium.
The data link layer allows the data frames to transfer from one node to another over the physical layer. The data link layer makes sure that layers above it has error-free transmission.
The network layer factors in network conditions, priority of service, and other factors to decide which physical path the data should take. The network layer overall is responsible for the operation of the subnet.
The transport layer makes sure that messages are delivered in sequence, with no losses, duplications, or errors.
The session layer allows session formation between processes running on separate stations.
The presentation layer formats the data to be presented to the application layer.
The application layer serves as the window for users and application processes to access network services.
source: http://searchnetworking.techtarget.com/definition/OSI;
https://support.microsoft.com/en-us/kb/103884
Ian,
Great post. May I add, for the Transport Layer, in addition to what you said, the layer also determines the packet sizes. These packet sizes are decided on the basis of different protocols. Some protocols require smaller packets than others and in that case Transport Layer will break the packets down.
Abhay, As far as I understand transport layer deals with segment and does not determine the size of packet. The packet headers and footers are added in Network layer. Transport layer deals with secure/unsecure transmission.
What are the advantages of VPN:
The advantages depend on what you use VPN for. Most businesses use VPN for: allowing remote workers (which saves the company money), branch offices, partners, and distributors. Today, some businesses use VPN to form a single secure private network by connecting different cloud providers.
Indeed Ian, the advantages of VPN depend on the use case.
Individuals use VPN to secure their Internet connection and stay anonymous while browsing and business can use it to access information remotely, from home or even the phone. This can eventually contribute to the increase in productivity within a company.
Ian,
I like that you brought up VPN’s are used for branch locations, partners, and distributors. Implementing a VPN allows a business to essentially widen its network beyond where it is physically located, and doing so securely too. A VPN also leverages the use of the internet already in place to widen the business’s network without having to really absorb any new costs to expand the network.
Leveraging the public network is one of the important reasons why VPN reduces the cost comparing leased lines…
Good point in talking about the secure private network between different cloud providers. Since the VPN service allows the users visit the internet through VPN servers with the IP address and location of the provider, which means they need to send the data to the VPN servers first, and I was thinking that this may impact the speed of uploading and downloading the files, and this might also impact the data transferring between different cloud providers.
Hi Fangshou,
you have a great analysis of disadvantage of VPN, I agree with you that the speed of uploading and downloading will be slower because it VPN is like another layer of internet. The data takes more time to pass through the extra layer of VPN.
Nice post Ian. I agree with the points you made but I do want to mention that from a security perspective, virtual private networks offer a higher level of protected communications unlike other remote methods of communication. This is because advanced technologies are used to protect the network from any unauthorized access.
Laly – Great advantages answer. I think a lot of your advantages depend on that proper planning that is needed in order to take the proper precautions that result in strong security.
Another disadvantage of a VPN is that VPN requires experienced employees that have knowledge with public networks security, password and data encryption, network address encryption,
VPN also has issues with availability and performance because VPN is difficult to control. VPN tends to have speed much slower than a traditional connection.
I will say that VPN is used when people attempt to secure their Internet connection to maintain anonymity while browsing. I know this post is about some disadvantages but I do believe taht VPNs are most positive when secured correctly and when an individual would like to secure network accesses.
What are the advantages of VPN?
A virtual private network (VPN), is a network that is constructed by using the Internet to connect to a private network, such as a company’s internal network.
The advantages are as follow:
– Enhance security as the data are encrypted
– Remote control as you can access your information everywhere
– Reduce costs
– Better performance as you can increase the bandwidth of your network
– Online anatomy as you can access both web applications and websites in complete anonymity
Source: https://www.ibvpn.com/2010/02/8-advantages-of-using-vpn/
Of course, I agree with you. VPNs have also other benefits depending on the VPN service provider you are using. For example, some VPN service providers allow their users to share more easily and faster information between themselves, play games and perform any other activity as if they are within a local area network (LAN).
Disadvantages:
-Complex Design
-Need for employees with high level understanding of VPN which can be costly
-Reliability can become a factor (need to choose a provider who can guarantee minimal downtime – costly)
-If it happens to be necessary to create additional infrastructure the solutions can become incompatible and cause technical issues
-If you need to reconfigure and customize, working with the same vendor can sometimes increase the cost of deploying additional infrastructure.
-The use of mobile devices to initiate connectivity to the virtual private network can cause security issues especially if the connection is wireless
I am just playing devils advocate here. VPNs offer a viable solution for secure communications between distributed users. It is still definitely very important to hire the correct IT professionals that have a high level understanding of VPNs so that you can configure your VPN to ensure a secure solution for your business.
Ian, you have stated an important point regarding mobile devices connecting to VPN. Currently not all mobile OS have a VPN built-in client (only Android and ios provide built-in). Mobile devices do not have an open VPN protocol which is disappointing. Companies must provide a software application to launch VPN client via mobiles devices. If one uses Wifi to connect to VPN they expose the data to many insecurities.
To add to the disadvantages, If the company is not maintaining proper user provisioning along with the identity systems with VPN administration it can lead to unauthorized access.
One such example of insufficient VPN management and security that lead to a breach comes from an employee terminated by a utility company, Energy Future Holdings. The employee was able to use the VPN—even after his position was terminated—to access the corporate systems used for consumer demand forecasts. The terminated employee used the access to corrupt data, which caused $26,000 in lost business alone. Hence it is necesary to maintain the identity systems with VPN. I am not sure of does active directory have records of all active VPN users or not? If anyone have information on it do share.
Deepali,
Great example! I absolutely agree with you that there should be strong controls implemented to prevent terminated employees from accessing the organization VPN. Several days ago, I had a chance to talk to a Cyber Security professional. And he even mentioned that not many companies have proper procedures to deactivate terminated employees access to their systems. He even mentioned-from his experience- companies take an average of 6-8 days to cease terminated users access. When you think about it, it is a pretty long time to take an action. Your example is exactly a down to earth situation.
Daniel,
That’s pretty wild, I was under the assumption that most companies were able to remove any access employees had the day the employee leaves, but that is eye-opening.
Let’s discuss a few key controls can mitigate risks associated with VPN during the class…
Ian, rightly said that employees need to have right understanding about the VPN.
One member firm that I worked with used Global protect as VPN for first level of authentication and then needed to connect to remote access using EMUE code which was pretty complicated for most of the non tech savy users because EMUE was to be generated on their company approved PDA’s and if there were was any problem with the PDA they would have to wait till that PDA was repaired or another PDA was configured and had EMUE installed. Else they would have to call center for additional keys.
Hi Binu,
That is an interesting point that you brought up about using the EMUE code to connect to the network for remote access. I think in today’s environment with smart devices, those remote access applications are likely more easy to implement and are more “user friendly”. However, companies now have to worry about their devices security since they don’t want an employee’s second factor for 2 factor authentication to be compromised. With that being said, it is still the same today that if the remote access key is not generating, then one has to still contact the call center to get a temporary key.
Said, in addition to the advantages you found, I would like to add that VPNs are great for accessing blocked websites or for bypassing Internet filters. Also if you need an IP address from another country, then a VPN can provide you this.
Brou,
I agree with you. I also think this advantage of the VPN can be also a disadvantage in a security point of view. In fact, obtaining IP address from other countries has positive and negative points. Some hackers use it remain hidden.
Employees can use VPN provided by the company to remotely access resources on their network when they are at home or traveling. They can use VPN to share files, online anonymity, unblock websites and bypass filters, change IP address, better performance and reduce maintenance costs.
What is OSI model? What’s the main function of each OSI layer?
The Open Systems Interconnection model (OSI model) is a conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology. Its goal is the interoperability of diverse communication systems with standard protocols. The model partitions a communication system into abstraction layers. The original version of the model defined seven layers.
Host layers:
Application: High-level APIs, including resource sharing, remote file access
Presentation: Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption
Session:Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes
Transport: Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing
Media layers:
Network: Structuring and managing a multi-node network, including addressing, routing and traffic control
Data link:Reliable transmission of data frames between two nodes connected by a physical layer
Physical: Transmission and reception of raw bit streams over a physical medium
Resource: https://en.wikipedia.org/wiki/OSI_model
Wenlin,
Good job categorizing the layers further. And you are right about the reliability provided by the Data Link layer. I think it is important to have an extra layer of assurance that the data is transmitted correctly, in the right order and according to the protocol requirements. If there is an error in any of the other layers, Data Link layer fixes it and resends the packets.
What are the advantages of VPN?
The advantages of using a VPN is that content you access on the internet and anything sent to a website is encrypted and routed through vpn. When a connection is encrypted it stops people from monitoring your connection. So all data send to website can’t be read by anyone except the VPN provider. When a connection is not encrypted a attacker could preforming a mitm(Man in the middle attack) where the attacker can view all data that is not encrypted that you send to the website including usernames and passwords.
Resource: http://security.stackexchange.com/questions/75799/what-are-the-advantages-to-using-a-vpn-over-secured-trusted-wifi
Hi Wenlin,
You mentioned that VPN’s are good at protecting against Man in the Middle Attacks. While I did know that “bad guys” can monitor an individual’s web traffic to potentially pick up any usernames and passwords, I didn’t know that “bad guys” could sit in-between a user and the internet. According to the video I linked below, man in the middle attacks not only have a view of web traffic but they can also provide prompts to gain information such as usernames and passwords. I can see how a VPN would eliminate such attacks through encryption, especially for businesses who utilize the internet for their work.
Link: https://www.youtube.com/watch?v=zy-ZpVA3v3I
What is OSI model? What’s the main function of each OSI layer?
OSI (Open Systems Interconnection) is reference model for how applications can communicate over a network. It has seven layers.
1) Physical: allows the transmission and reception of the unstructured raw bit stream over a physical medium and describes the electrical/optical, mechanical, and functional interfaces to the physical medium, and carries the signals for all of the higher layers.
2) Data link: provides error-free transfer of data frames from one node to another over the physical layer, allowing layers above it to assume virtually error-free transmission over the link.
3) Network: controls the operation of the subnet and direct the path of the data according to network conditions.
4) Transport: responsible to deliver messages without errors and no losses.
5) Session: allows sessions establishment between processes running on different stations.
6) Presentation: acts like a translator as it formats the data to be presented to the application layer.
7) Application; supports application and end-user processes by identifying communication partners, determining resource availability, and synchronizing communication.
Source: https://support.microsoft.com/en-us/kb/103884
What is OSI model? What’s the main function of each OSI layer?
According to the text, the OSI model is a seven-layered model that describes “how to build applications, protocols, and equipment that move data from your application to the physical wire, across hundred or thousands of miles, to an application on the other side”. To put simply, this model standardizes how computers communicate with one another within a network and should be utilized in the development of a network. The description from the text of the 7 OSI layers are listed below:
Layer 1 – Physical: Defines the physical link, cabling, and binary transmission (aka high pulse/low pulse)
Layer 2 – Data Link: Links data packets from one location to another.
Layer 3 – Network: Routes packets between networks.
Layer 4 – Transport: Makes sure that data arrives to its destination without any errors.
Layer 5- Session: Deals with the setup and management of sessions between computer applications
Layer 6 – Presentation: Handles formatting, encryption, compression, and presentation of data to the application.
Layer 7 – Application: User interface for displaying data.
After doing a little bit of research online for the OSI model, its apparently rarely used completely and to its fullest potential. Network developers might adopt one or two portions of the OSI model, but not the whole thing.
I did some research to find out some advantages and disadvantages to the OSI model and below is what I found:
Advantages:
•Provides wide variety of choice.
•Does not depend on a specific computer system.
•interprets the product functionality at each-stage.
•Encrypts the data for security.
•Allows for the addition of multiple-network models.
Disadvantages:
•Many applications do not require/need the data integrity (which is typically provided by OSI-model).
•In order to quickly set up the OSI model, you will need an agreement between three-parties (users and the service provider).
•Overall, the OSI Model is Complex to configure and work with
•This model is not adapted at all to telecommunication applications on computer.
source: http://www.whatisnetworking.net/tag/advantages-and-disadvantages-of-osi-model/
Hi Ian,
Thanks for the summary of the advantages and disadvantages of the OSI Model. Just looking at the model in our text, it seems the the entire model is very vague with alot of references to different protocols. For example, the application layer references the HTTP, File Transfer Protocol (FTP), Simple Main Transport Protocol (SMTP), or Telnet. Therefore, it would make sense that the OSI model is complex to configure and work with since one has to understand all the different protocols. With that being said, as Alex has stated below, the OSI model still serves as a framework due to it being general in nature.
Paul, although the protocols associated with the OSI model are rarely used any more, the model itself is actually quite general and still valid, and the each layer functions are still very important.
What are the advantages of VPN?
A Virtual Private Network, VPN for short, is a network commonly used to “travel” safely across the internet. This occurs by establishing a connection between two networks as if those networks were directly connected to one another and not traveling over the internet. This connection offers security and privacy since the traffic across the VPN is encrypted, the transmitted data is protected by some security protocols, and that the remote computer requires authentication before gaining access. For organizations, VPNs allow users to gain access to a company’s network even when they might be on a different, unsecured network. Due to the security characteristics of the VPN, users don’t have to worry about “bad guys” from collecting their web traffic and data. In today’s world, VPN’s are just as important as ever since most devices are mobile and businesses want their employees to access applications/data from anywhere they can. Especially as IT auditors who work remotely at a client’s site, VPNs are critical in making sure that confidential data on an audit is not accessed by anyone unauthorized.
Hi Paul,
Really good explanation of VPN and I especially like what you mentioned about how organizations can implement the feature of VPN to gain security control and access to different network. If an organization use VPN, they will have a lower cost other types of configurations. And you mentioned how IT auditors can be benefited by using VPN as well. IT auditors needs to ensure the confidentially of the data of their clients on an audit.
What is OSI model? What’s the main function of each OSI layer?
OSI models can be used not just to understand how computer networks work but also how two computers communicate with each other. OSI model explains from user experience to all the way down to the electrical signals travelling in wires, and it does this in form of different layers.
Application Layer: This is basically software application. User looking at different applications on the computer. For e.g.: Google Chrome, Firefox, Microsoft outlook. This is basically software applications and this layer is closest to the user experience.
Presentation Layer: This is a layer what the operating system works on. This layer converts the user text and numbers into machine language (for eg: ASCII). It also encrypts data to protect it.
Session Layer: A session is basically a conversation between two computers. This layer is responsible for starting and ending sessions. For e.g.: if you want to get some data from a website, this layer will create a session between your computer and the web server. During the session, it will try to maintain the communication and if the connection is broken, it will help reestablish it. Eventually, it will also end the session.
Transport Layer: Whenever a computer sends data, it sends it in packets. This layer ensures that the packets are delivered reliably and in a proper order. It also breaks down packets into smaller units as required by different protocols.
Network Layer: This layer determines best route for data. There are many different routes (options) for a data to travel from one end to the other. This layer determines the fastest and the most reliable route for the data to travel.
Data Link Layer: This layer is responsible for checking errors in the data or if something went wrong in the above mentioned layers. For e.g.: if there was an error in the data, this layer will resend the data to ensure reliable transmission of data.
Physical Layer: Cable, fiber optics, etc. any electric signals or transmission of data is a part of physical layer in the OSI model.
Source: http://www.webopedia.com/quick_ref/OSI_Layers.asp
Transport layer: Segments
Network Layer: Packets
Data Link Layer: Frames
Physical Layers: Bits
The advantages of VPN are as follows:
Security:
Local security applications like antiviruses and firewalls are not enough to protect. An external solution that provides a separate layer of protection is needed and this is where VPN comes in the picture. As a general rule, no network should be considered safe, especially the public networks (public Wi-Fi) as the flow of communication is passed through many routers/access points. VPN adds an extra layer of security as VPN connection is encrypted. If suppose, there is a Man-in-the-Middle attack, the attacker will only be able to see inexplicable data.
Restricted Access:
In certain countries, online broadcasters restrict access to clients in certain geographical areas. VPN allows its users to circumvent these geographical restrictions. For e.g.: in countries like China where access to certain websites are restricted, a VPN can be used to access anything online as long as you are connected to a VPN. In terms of securing data, an organization can use VPNs to only allow the VPN network to connect to private sensitive resources.
Privacy Protection:
As soon as we are connected online, we start leaving traces (digital footprints). VPN provides online anonymity by hiding IP addresses and personal details. For e.g.: People who are political activists are recommended to use VPN because of the frequent violation of their privacy.
Source: https://vpntunnel.com/faqs/top-five-vpn-advantages-benefits/
Geographical restricted content can be frustrating to face sometimes. I recall the countless number of times where even watching some Youtube videos would be blocked because the content was not available in my geographical region.
You are right, some geographical regions are not allowed to access some oversea websites. One example is the Great Firewall of China (GFW), indeed, the GFW positively protects the internet users in mainland China from some sorts of online attacks from oversea unknown IP address, but it also blocked some widely used websites like the YouTube and Facebook.
Q2 What are the advantages of VPN?
A2
A virtual private network, as the name suggests, is a private network that extends across a public network or internet. It enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. VPNs can usually increase privacy and security. To prevent disclosure of private information, VPNs normally allow only authenticated remote access using tunneling protocols and encryption techniques.
The advantages of a VPN connection can be listed as :
• Confidentiality – Since the data transmitted over VPN is encrypted, it provides confidentiality such that even if the network traffic is sniffed at the packet level, an attacker would only see encrypted data
• Authentication : VPNs require authentication, thereby preventing unauthorized users from accessing the VPN
• Integrity : Message integrity to detect any instances of tampering with transmitted messages
Nice way of defining the advantages in terms of CIA concept.
I really liked how you explained the advantages of VPN through the CIA concept as well. However, do you mind explaining how message integrity detects instances of tampering?
Glad you brought that up, Yang Li. The protocols underlying VPN connections is IPsec or SSL. These protocols provide tamper detection. What this means is that you can’t alter the message without detection as SSL uses Message Authentication Codes. To understand more about how Message Authentication Codes work, you might want to take a look at- https://en.wikipedia.org/wiki/Message_authentication_code.
Nice post! On the other hand, VPN also brings security issues. People can use VPN download movies and musics illegally. and break the rule of locations that may limit access to some areas. It is true that VPN makes people communicate easier and work more efficiently, but those exited threats and risks and potential risks should not be ignored.
Q1. What is OSI model? What’s the main function of each OSI layer?
The OSI model describes how data moves from one system to another and helps us understand how to build applications, protocols, and equipment that move data. The seven layers of this model include:
1. Physical: Defines the physical link, cabling, and binary transmission. Modulation and flow control occur here.
2. Data Link: Links data on hosts from one location to another, typically on the LAN. Switches and bridges operate at this later, typically using MAC addresses.
3. Network: Routes packets between networks. Routers operate at this layer typically using IP addresses.
4. Transport: Deals with transport issues, such as getting to the destination in one piece, and error control.
5. Session: Deals with the setup and management of sessions between computer applications.
6. Presentation: Handles formatting, encryption, compression, and presentation for the data to the application.
7. Application: Represents the end user application, such as HTTP or FTP.
Nice explanation Annamarie.
Q2. What are the advantages of VPN?
Some advantages of a Virtual Private Network include:
-Security: Data is encrypted and kept away from those who should not have access to it.
-Remote Control: Allows data to be accessed from wherever you are.
-Bypass Filters/Blocks: Can access blocked websites and bypass filters.
-File Sharing: Can be useful to groups that need to share files for a long period of time.
What is OSI model? What’s the main function of each OSI layer?
The OSI model is a benchmark standard created to get third party vendors to develop protocols that are matched to the seven “layers” of the model. The goal is to have many different equipment and software manufacturers develop and implement equipment that will interface with equipment developed by competitors. The model helped create an international networking standard. It is comprised of seven logical “layers” that communicate with each other.
Each layer of the model is designed to separate each section based upon what is happening to the data.
Layer 1 – Physical Layer – Is the layer at which hardware transmits and receives the data as some type of signal.
Layer 2 – Data Link – Is the layer that transmits the data across the physical layer. Associated with the MAC address.
Layer 3 – Network – Is the layer at which IP addressing is used.
Layer 4 – Transport – Is the layer that transmits data reliably and checks “ACK” of data receipt.
Layer 5 – Session – Is the layer that establishes and maintains connections known as sessions.
Layer 6 – Presentation – Is the layer that converts data into a format acceptable for the application layer. Encryption and decryption take place at this layer.
Layer 7 – Application – Is the layer at which an interface is created to communicate with the system. This is the layer where a user interacts with a system.
What are the advantages of VPN?
A VPN is a Virtual Private Network. A VPN allows users outside the physical network to access the network logically. This allows a business to efficiently extend the reach of the network and its resources. A VPN also allows a business to utilize the concept of “telecommuting” with employees. This can save costs for the business and allows workers to conduct their jobs from outside the physical location of the business and gives workers efficient mobility while also maintaining network security as much as feasibly possible. Implementing a VPN means a business should institute anti-virus and remote access policies at a minimum. The business may also want to set up a “quarantine zone” so whenever an employee logs into the VPN, and a system check determines the anti-virus software is not-up-to-date for example, users will be directed to the zone to preserve the integrity of the VPN and local network.
We are only seeing positive sides of the VPN. What about criminal organizations who use it?
In what sense Said? Hackers going after users of a VPN, or an actual criminal enterprise?
Hi, Said
Absolutely, there are cons of VPN:
1. Reduced Internet connection speed
2. Reduced Connection Reliability
-more points of possible failure= less reliable
3. May provide less bandwidth than a dedicated line solution
4. Different VPN manufactures may comply with different standards
OSI is an ISO developed networking model determines how data moves between networks. The data travels through the 7 layers of OSI model and is governed by a protocol of data is packaged and sent to the next layer.
Physical layer – Electronic Connection – This layer defines how raw data travels in forms of bits and bytes in form of electronic signals through a transmission media like a fiber optic or radio frequency. This is the lowest level of networking. IT uses physical devices like modems, network hubs, repeaters.
Protocols :Fiber optic or wireless mode
Data Link layer – Communication between nodes- This layer defines data that transfers from node to node. IT takes data from Layer 1, corrects in case of errors. It defines protocol that must be used in layer 1. This layer has two sub layers –
One, MAC – layer responsible for controlling how devices get access to a physical medium and permission to transfer data.
Two, Logical Link Layer – This layer is responsible for encapsulating data, checking errors and frame synchronization and identifying network protocols
Protocols:Ethernet, PPP, SLIP, FDDI
Network layer -Communication across networks- This layer defines data transfer in same network between different nodes. It transfers Logical address to physical address.The data packet in this layer consists of the message body, address of next node and routes message to nodes in the network to route them through the path to reach final destination node.
Protocols:IP, IPSec,ICMP,IGMP
Transport Layer – Data transfer between networks – This layer transfer data from one node to another between two networks. IT manages segmentation to handle large length of data and checks for errors and submits acknowledgement in case of success of transfer.
Protocols: TCP, UDP
Session Layer-Session Management – This layer manages connections between computers, between the local and remote applications.
Protocols: API’s , sockets
Presentation layer – Format conversion -This layer formats data and translates data from software application into network understandable format.This layer formats and encrypts data and inserts control information.
Protocols: SSL, IMAP, FTP
Application layer – Interface between applications- This layer first receives the data. IT is the link between local software applications and internet, identifying communication partners, determining resource availability, and synchronizing communication. It identifies the communication partners, quality of service , user authentication and privacy, constraints on data syntax.
Protocols: HTTP, SSH, DCH
Well explained, Priya. I liked that you have mentioned the associated protocols for each layer. I’d like to add that the ARP (Address Resolution Protocol) is also one of the protocols which is used to translate IPv4 or internet layer addresses (OSI layer 3) into link layer or Ethernet MAC addresses (OSI layer 2).
Priya,
Great post, I like how you segmented out the different protocols from each layer. I was talking to someone in my company’s IT department, and a point he made was that the OSI model gives some framework to an IT worker who is trying to sort out an issue. For example, if users lose access to email, whoever is trying to fix the issue can work from the physical layer, check the cabling, and work up to spot the issue.
2. What are the advantages of VPN?
Virtual Private Network, or VPN, is a group of computers (or discrete networks) networked together over a public network—namely, the internet. The following are the advantages of VPN:
• Create private scope of computer communication
• Helps in remote connection to data centers
• Secure data transmission through encryption
• Helps in sharing files across the group for a period of time
• Access to web applications and websites in complete anonymity
• VPN provides change of IP address in case there is a need for an IP from location other than base.
• Provides better bandwidth and efficiency of the network
• Low maintenance cost
Great post, Deepali ! You’ve covered all the advantages of VPN very well. Could you tell how VPN provides better bandwidth and efficiency of the network or are you referring to the bandwidth or efficiency being better generally of an organization’s intranet as I was of the opinion that VPN won’t really enhance the bandwidth.
What is OSI model? What’s the main function of each OSI layer?
OSI (Open Systems Interconnection) is reference model for how applications can communicate over a network. It allows vendors and developers to manage interoperability of the digital communication products and software programs they create.
It has 7 layers:
Physical layer: This layer conveys the bit stream such as electrical impulse, light or radio signal through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier. Protocols: Fast Ethernet, RS232,and ATM
Data Link Layer: This layer helps in handling errors in the physical layer, flow control and frame synchronization. The data link layer is divided into two sub layers: The Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sub layer controls permission for a system to gain access to the data on the network. The LLC layer controls frame synchronization, flow control and error checking.
Network Layer: This layer provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. It is also responsible for error handling, congestion control and packet sequencing.
Transport Layer: This layer provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control.
Session Layer: This layer establishes, manages and terminates connections between applications. It deals with session and connection coordination.
Presentation Layer: This layer works to transform data into the form that the application layer can accept. It formats and encrypts data to be sent across a network, providing freedom from compatibility problems. It is also called the syntax layer.
Application Layer: This layer supports application and end-user processes. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, and other network software services. Telnet and FTP are applications that exist on this layer
What is OSI model? What’s the main function of each OSI layer?
The Open System Interconnection(OSI) reference model created by International Organization for Standardization(ISO) describes how a data is transmitted across the network. It defines how the network processes function, what the components are in the network and also how the data is transmitted.
This layered approach
1. Reduces complexity
2. Standardizes interfaces
3. Facilitates modular engineering
4. Ensures interoperable technology
5. Accelerates evolution
6. Simplifies teaching and learning
There are 7 layers in OSI model:
1. Application : This is the layer at which user communicates with the computer. This layer identifies and establishes the availability of the communicating devices and checks if enough resources are available to for the intended communication and establishes agreement on procedures for error recovery and control of data integrity. This layer provides network services to the application of the user like email, file transfer and terminal emulation. Provides user authentication.
2. Presentation: This layer ensures that the information send by the application layer of one system is readable by the application layer of the other system by providing the translation service. It formats, structures and provides encryption to the data. Example: jpeg, pict, mpeg, quicktime.
3. Session: This layer is responsible for establishing, managing and terminating the session between the communicating devices. This layer keeps different application data separate from the other application data. Examples of session layer protocols are: NFS(Network File System), SQL.
4. Transport: The transport layer segments the data from the system of sending host and reassembles the data into data stream on the system of the receiving host. It ensures data transport reliability through fault detection and recovery information flow control. Example: TCP/IP, UDP protocols
5. Network: This layer provides connectivity and path selection between 2 hosts on 2 different networks. It manages connectivity, provides logical addressing and path selection. When packets are received, destination IP address is checked. Examples of routing protocols are RIP, OSPF, EIGRP.
6. Data Link: This layer ensures that messages are delivered to proper devices. The message is formatted into data frames. It includes error detection to ensure reliable delivery of data. The Ethernet data link has two sublayers: Logical Link control(LLC) and Media Access Control (MAC protocols)
7. Physical: In physical layer data is sent and received in bits, It defines electrical, mechanical, procedural, and functional specifications for activating, maintaining and deactivating the physical link.
Source: Introduction to Cisco Networking Technologies Volume 1.
What are the advantages of VPN?
VPN (virtual private network) creates secure connection to another network over the internet. It keeps the connection private, encrypted and anonymous.
1. VPN provides internet anonymity for all the users connected to it by encrypting the data from the computers or other mobile devices before connecting to the internet. So the actual source is kept as a secret and sensitive information ie PII cannot be traced by hackers and government agencies.
2. It masks IP address thus reducing DDOS attack, hacking possibilities.
3. It hides the user’s geo location. Thus it can be used to create an impression that the user is browsing from a different location and also allowing to access geo- blocked websites.
4. Thus the VPN helps to bypass filters and access blocked websites.
5. Better streaming performance
6. Accessing local network resources remotely, especially if you are travelling and want to have access to office network or home network.
You’re right, and I want to add something about the advantages – its scalability. Virtual Private Networks are very flexible in terms of growing with the company and adding new users to the network. This type of infrastructure allows for scalability without having to add new components to accommodate the growth. This is also very helpful for reducing cost.
Advantages of VPN
1. The main purpose of VPN is to have a secure connection which can be connected remotely over a Internet Protocol Security.
2. VPN offers higher level of security as the VPN needs authorized access to connect to the network.
3. VPN is comparatively low cost than any other configuration to remote connect over secure link.
4. It is easy to add more nodes in the existing VPN network. IT does not cost anything or does not need additional components.
5. VPN communications are encrypted
6. VPN service can make it easy to share files for a group of people for long periods
7. Performance can be greatly increased in terms of bandwidth
Hi Priya,
Great post, I liked how you summarized the advantages of VPN very briefly. I would like to add that VPN allows internet users to access to unrestricted resources if the IP is blocked from somewhere.
What are the advantages of VPN?
VPN is a technology which creates a virtual private network to which end users are connected via an encrypted channel.. VPN has three main advantages for the internet users, higher security, privacy protection and access to restricted resources.
Security:
Compared to direct connection, VPN provides a external security to protect personal data . VPNs secure the otherwise insecure connection between you and remote resources. VPNs should be used especially in public networks such as WiFis. This is because the communication flow passes through numerous points (routers) and for an attacker is sufficient to compromise any one of these points in order to compromise the communication channel and its information flow.
However, with VPN, even if the communication channel is compromised, ones cannot be harmed or the harm will be because the VPN connection is encrypted and cannot be decrypted and thus read. When an attacker captures VPN traffic he will be able to see only incomprehensible characters going from you to a VPN server. Thus, the attacker is not even able to see to the remote resources (sites, chats, etc).
Privacy protection:
As soon as ones are connected online with your pc or mobile phone, they are leaving traces such as the IP address and Internet service provider. This ultimately reveals essential personal information. Instead, to protect your privacy you should use VPN again. Thus, with VPN whenever visit web sites, listen to radio, chat, etc. you will be identified with the VPN provider, i.e. his IP address, location etc. Essentially, the vpn user’s IP address and personal details will remain hidden.
Access to restricted resources:
Sometimes service providers such as online radios, TVs, etc restrict access only to clients within certain geographical areas or Internet service providers. Other times company policies prevent employees to connect to generally available sites or resources such as Facebook. Such not always reasonable restrictions leave you with no option but to use VPN. VPNs have multiple points of presence in different geographic regions. The fact that you are identified only with the VPN provider allows you to circumvent any geographical restrictions.
Source:
https://vpntunnel.com/faqs/top-five-vpn-advantages-benefits/
Nice post! In addition, VPN makes IP address so that reducing DDOS attacks and possibilities of hacks. it also hides users geo-location, so that can be used to create an impression that the user is browsing from a different location and also allowing to access geo-blocked websites.
Good post Yu Ming, it is informative. have something want to add is about the disadvantage. ‘ve got a yearly subscription to a VPN service which is real quick and from the research I did at the time seems to be pretty legitimate, but are there any disadvantages or scenarios where you perhaps shouldn’t use a VPN?
I’m from the China and I usually just have the VPN setup to automatically route everything through a VPN server located in Fuzhou Fujian.
If for example, say that I want to connect to my online bank account, am I putting my credentials and packets are risk by having them sent over the VPN server? – I’m assuming that the banks login page is pretty secure already so by routing through a VPN server am I creating extra risk by routing over this third party?
What is OSI model? What’s the main function of each OSI layer?
OSI Model
1. Describes how data moves from one system to another system.
2. describe how to build applications, protocols, and equipment that move data from your application to the physical wire, across hundreds or thousands of miles, to an application on the other side.
OSI model contain seven layers and each layer has different function.
Layer 1: Physical
Defines the physical link, cabling and binary transmission. Also deals with Modulation and flow control
Layer 2: Data link
Links data on host from one location to another, typically on the local area network (LAN) but sometime on wide area network (WAN)
Layer 3: Network
Routes packets between networks
Layer 4: Transport
Deals with transport issues such as getting to the destination in one piece and error control
Layer 5: Session
Deals with setup and management of sessions between computer applications
Layer 6: Presentation
Handles formatting, encryption, compression and presentation of data to the application
Layer 7: Application
Represents the end user application such as HTTP, file transfer protocol, simple mail transport protocol or telnet
Source:
IT auditing: Using Control to Protect Information Assets
1. What is OSI model? What’s the main function of each OSI layer?
OSI stands for open systems interconnection. it was created to help standardize communication between computer systems. it defines a networking framework to implement protocols in seven layers.
1) the physical layer: defines the electrical and physical specifications of the data connection. Physical examples include Ethernet, FDDI, B8ZS, V.35, V.24, RJ45.
2) the data link layer: provides node-to-node data transfer, a link between two directly connected nodes. Data Link examples include PPP, FDDI, ATM, IEEE 802.5/ 802.2, IEEE 802.3/802.2, HDLC, Frame Relay.
3) the network layer: provides the functional and procedural means of transferring variable length data sequences from one node to another connected to the same network. Network examples include AppleTalk DDP, IP, IPX.
4) the transport layer: provides the functional and procedural means of transferring variable-length data sequences from a source to a destination host via one or more networks, while maintaining the quality of service functions. Transport examples include SPX, TCP, UDP.
5) the session layer: controls the dialogues (connections) between computers. Session examples include NFS, NetBios names, RPC, SQL.
6)the presentation layer: establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. Presentation examples include encryption, ASCII, EBCDIC, TIFF, GIF, PICT, JPEG, MPEG, MIDI.
7) the application layer: is the OSI layer closest to the end user, which means both the OSI application layer and the user interact directly with the software application. Application examples include WWW browsers, NFS, SNMP, Telnet, HTTP, FTP
http://www.webopedia.com/quick_ref/OSI_Layers.asp
https://en.wikipedia.org/wiki/OSI_model#Layer_1:_Physical_Layer
Agree with you Yulun,
The first layer of the seven layers of Open Systems Interconnection (OSI) network model is called the Physical layer.
The second layer of the seven layers of Open Systems Interconnection (OSI) network model is called the Datalink layer.
The third layer of the seven layers of Open Systems Interconnection (OSI) network model is the Network layer. The fourth layer of the seven layers of Open Systems Interconnection (OSI) network mode is the Transport layer.
The position of Session Layer of the Seven Layered Open Systems Interconnection (OSI) model is between Transport Layer and the Presentation Layer.
the presentation layer: establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. Presentation examples include encryption, ASCII, EBCDIC, TIFF, GIF, PICT, JPEG, MPEG, MIDI.
the application layer: is the OSI layer closest to the end user, which means both the OSI application layer and the user interact directly with the software application. Application examples include WWW browsers, NFS, SNMP, Telnet, HTTP, FTP
2. What are the advantages of VPN?
VPS stands for virtual private network. It is a group of computers networked together over a public network (the internet). VPS secures the computer’s internet connection to guarantee that all of the data we are sending and receiving is encrypted and secured. Student/worker can use provided VPN from their school or company to access resources on their network when they’re at home or traveling. Other advantages include share files, online anonymity, unblock websites and bypass filters, change IP address, better performance and reduce maintenance costs.
sorces: https://www.ibvpn.com/2010/02/8-advantages-of-using-vpn/
http://lifehacker.com/5940565/why-you-should-start-using-a-vpn-and-how-to-choose-the-best-one-for-your-needs
The OSI, or Open System Interconnection model is a conceptual networking model of how network systems are supposed to communicate to each other. The model breaks down different components of network communication into layers. The model consists of 7 layers :
1) Application layer : This is the layer that the user interacts through. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication. This layer supports application and end-user processes Eg: Browser, Email client.
2) Presentation layer : The presentation layer establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. This layer provides independence from data representation (e.g., encryption) by translating between application and network formats. The presentation layer transforms data into the form that the application accepts. This layer formats and encrypts data to be sent across a network. It is sometimes called the syntax layer.
3) Session layer : The session layer creates, manages and terminates the connections between computers (local and remote computer).
4) Transport : The transport layer Decides how much information should be sent at one time. Deals with the transport of data back and forth from a source to a destination host via one or more networks, while maintaining the quality of service functions.
5) Network : The network layer provides the functional and procedural means of transferring variable length data sequences (called datagrams) from one node to another connected to the same network. It translates logical network address into physical machine address. Network layer is involved in structuring and managing a multi-node network, including addressing, routing and traffic control. Routers operate at the network layer
6) Data link : The data link layer provides node-to-node data transfer—a link between two directly connected nodes. It detects and possibly corrects errors that may occur in the physical layer. It, among other things, defines the protocol to establish and terminate a connection between two physically connected devices. It also defines the protocol for flow control between them. Eg: Switches
7) Physical : The physical layer defines the electrical and physical specifications of the data connection. It defines the relationship between a device and a physical transmission medium. Eg. Wiring/cabling
Source : https://en.wikipedia.org/wiki/OSI_model
What are the advantages of VPN?
VPN stands for Virtual Private Network, it is a network technology that creates a secure network connection over a public network such as the Internet or a private network owned by a service provider.
VPN has the following advantages:
1. Data is kept secured and encrypted when you connect to the network through a VPN.
2. VPN increases productivity because with the remote control feature, the information can be accessed anywhere remotely.
3. With the VPN service, it makes convenient for people sharing files for long period of time.
4. VPN Allows people to access both web applications and websites anonymously.
5. VPN services are very useful for accessing blocked websites or for bypassing internet filters, especially for counties where internet censorship is applied.
6. VPN can provides people with change IP address if needed.
7. VPN solution provides better performance because it increases bandwidth and efficiency of the network.
8. Implement VPN reduces maintenance cost.
Source: https://www.ibvpn.com/2010/02/8-advantages-of-using-vpn/
Agree with you, VPN has many advantages, but it also provide some opportunities for bad guy to hide themselves from being investigated as VPN Allows people to access both web applications and websites anonymously.
What are the advantages of VPN?
A VPN allows companies to securely transit data to an external network/device. Data transmitted through a VPN is encrypted so even if it is compromised, it is still safe. Businesses often need to access and transmit data to a remote server, or allow an employee to access a network from another location. Even with a secure infrastructure there is still the possibility of an intrusion, which increases when data travels remotely. A VPN is is an important component to information system security and provides many advantages including:
* Save money by allowing employees to work remotely by lowering traveling costs and office space
* Increase productivity because employees can access the network anywhere in the world securely
* Securely connect geographically dispersed corporate locations
* Works with most protocols, so it is easy to deploy and use – saves money by not needing a secure line
* User friendly
* Anonymity Can change an IP address, can be important depending on the data or if an employee is in
foreign country
* Low cost
What is the advantage of VPN?
Firstly, what is the VPN?
A Virtual Private Network (VPN) is a method used to add security and privacy to private and public networks, like WiFi Hotspots and the Internet. VPNs are most often used by corporations to protect sensitive data.
Then, how it works?
VPN allows you to have your connection encrypted and secure to become anonymous online and to keep your traffic data private and safe from hackers, government censorship, and other dangers of the internet. VPN also helps you get access to to block content because of geolocation, some online content such as video, music, news, search engines, etc. maybe unavailable from certain countries and locations. Using a VPN service allows you to log into a server located in a place from where the content is available.
lastly, what is the value?
The VPN gives you privacy freedom and security. It is very useful when you do your online banking, use WIFI hotspots shopping online, etc.
but something you needs to notice that not all VPN service providers are worth your trust.
Source:
https://technet.microsoft.com/en-us/library/cc779919(v=ws.10).aspx
https://www.youtube.com/watch?v=rFg7TSwVcL4
You are absolutely right! Even though VPN has so many advantages but not all VPN service providers are trustworthy. It’s very important to find the best VPN service for your needs. Things should be take into consideration such as:
-What Protocols Do They Support?
-How Many Servers Do They Have and Where?
-How Many Concurrent Connections Are Allowed?
-Do They Throttle Connections, Limit Bandwidth, or Restrict Services?
-What Kind of Logs, If Any, Do They Keep?
-What Payment Methods Do They Offer?
-Do They Have a Kill Switch System?
Source: http://www.howtogeek.com/221929/how-to-choose-the-best-vpn-service-for-your-needs/
Those are good questions to ask if your client is using a VPN service provider…
Like your approch to answer the question one step further…
Great points Jianhui, VPN gives you the ability to work without being bother and track. You are anonymous online like you said when connected to the VPN and you are safeguard against attackers. It is a good way to work if you do not want anyone monitoring what you do and it certainly helps sometimes to be under the radar. Being able to access the VPN from anywhere is also a plus and gives you the freedom to work anywhere and not being constantly monitor. It also gives you the ease of mind to know that you are secure and attackers cannot access what your working on.
What is OSI model? What’s the main function of each OSI layer?
* The OSI model is a reference/framework for vendors/developers to create products with interoperability. It is the primary method of communication between two endpoints in a telecommunication network. The model is comprised of seven layers from which data flows from one application to another, passing through each layer.
* Layer 7: The application layer: communication partners are identified and serves as a gateweay for the
application to access the network
* Layer 6: The presentation layer: essentially a translator because it translates the data from the
application’s format into a common format to send, and then the is translated again at the receiving end
* Layer 5: The session layer: facilitates a connection between processes on different networks/machines
* Layer 4: The transport layer: moves the message from one application to its destination error free
* Layer 3: The network layer: accurately directs and routes the data in the correct direction, and also for
incoming messages
* Layer 2: The data-link layer: transports data from each node over the physical layer
* Layer 1: The physical layer: Hardware which carries the message through the network
What is OSI model? What’s the main function of each OSI layer?
OSI stands for Open System Interconnection, OSI model is a standard reference model for communication between two end users in a network.
ISO has 7 layers, each layer has well defined functions. Seven layers are divides into two groups. The low layers (1, 2, 3 and 4) are transport service layers, they are necessary to the routing of information between the two concerned ends and depend on the physical medium. The higher layers (5, 6 and 7) are responsible for the data processing relative to the management of exchanges between information processing systems. Layers communicate with adjacent layers only, it allows layers to change without effecting other layers, as long as compatible with adjacent layers.
Layer 1—The physical layer:
This layer transmits bits from one computer to another and regulates the transmission of a stream of bits over a physical medium. This layer defines how the cable is attached to the network adapter and what transmission technique is used to send data over the cable.
Layer 2—The data-link layer:
This layer package raw bit from the Physical layer into frames (logical, structures packets for data). It is responsible for transferring frames from one computer to another, without errors. After sending a frame, it waits for an acknowledgment from the receiving computer.
Layer 3—The network layer:
This layer handles the routing of the data, addresses messages and translates logical addresses and names into physical addresses. It also determines the route from the source to the destination computer and manages traffic problems (flow control), such as switching, routing, and controlling the congestion of data packets.
Layer 4—The transport layer:
This layer handles error recognition and recovery, manages the end-to-end control (for example, determining whether all packets have arrived) and error-checking. It ensures complete data transfer.
Layer 5—The session layer:
This layer allows applications on different computers to establish, use, and end a session/connection. This layer establishes dialog control between the two computers in a session, regulating which side transmits, and when and how long it transmits.
Layer 6—The presentation layer:
This is a layer, usually part of an operating system, that converts incoming and outgoing data from one presentation format to another (for example, from a text stream into a popup window with the newly arrived text). This layer also manages security issues by providing services such as data encryption and compression. It’s sometimes called the syntax layer.
Layer 7— The application layer:
This is the layer at which communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. It represents the services that directly support applications such as software for file transfers, database access, email, and network games.
Source: http://nhprice.com/what-is-ios-model-the-overall-explanation-of-ios-7-layers.html
Two mnemonics to help you remember the seven layers.
1. All People Seem To Need Data Processing
2. Please Do Not Tell Sales People Anything
Thank you for sharing that!
Great answer, Wen Ting. I especially liked the mnemonics you shared. Would you say that a part of the Operating system could be considered as a presentation layer ? A core Network guy I know, seems to refuse to believe that the OS has anything to do with the OSI model.
Great mnemonics! Wenting! but I want to learn more about how the second mnemonic can help me remember the seven layers? Do not tell the sales people anything, and what does it connect with the OSI model and what does anything mean to you?
Hi, Yu Ming
I actually found this online, it’s shared in one of the tutorial video. I thought it’s interesting so I would like to share with everyone. Back to your question, I don’t think “Please Do Not Tell Sales People Anything” connects with the OSI model be honest. Maybe because sales people and consumers like us are two parties like two end users in a network which we need to communicate?? I think it really depends on what makes you remembers the first letter of each seven layers of the OSI model. Another one I found is “Please Do Not Throw Sausage Pizza Away”.
Good post, I like the mnemonics you shared very much. Would you say that a part of the Operating system could be considered as a presentation layer ? one of my friends, seems to refuse to believe that the OS figured out the OSI model.
What is OSI model? What’s the main function of each OSI layer?
Layer 1: Physical Layer
This is first layer in ISO model, represents physical characteristics of operating system communication channel including electronics specifications and optical signals used for communication. It manages network media types like CAT5 Twisted Pair, SFP Optical Fiber, connection interface characteristics, and any other specification for putting transmission signals on physical media. However, data transmission over physical media is function of Layer 2 while layer 1 is confined to physical aspects of the transmission media.
Layer 2: Datalink Layer
The DLL (Data Link Layer) resides between physical layer and Network layer. DLL provides data transmission validation for data being transported over the network. The DLL is logically divided into two sublayers: Media Access Control (MAC) sublayer, and the Logical Link Control (LLC) Sublayer. DLL MAC (hardware) address uniquely identify individual network card (NIC), used for inter-switch routing with ARP protocol (address resolution protocol), while LLC is responsible for end to end flow control of data frames transmitted, perform data transmission error checking.
Layer 3: Network Layer
The network layer is managing logical addressing of data packets and delivery to destination. Routers are special appliances used to perform network layer routing functions. The logical addresses are called IP address (Internet protocols) , are used to identify a computers and network addresses.
Layer 4: Transport Layer
The Transport layer manages the breaking of data packets into smaller chunks, transportation of data packets to computer on the other end, with different degrees of delivery assurance (reliable or unreliable).
Example of reliable transmission is connection oriented protocol TCP (Transmission Control Protocol), once a connection is established, data is sent from source to destination and waits for acknowledgment of receipt before it sends another data stream .
Example of unreliable transmission is UDP (User Datagram Protocol) is connectionless where multiple packets are send to destination without waiting for acknowledgement back (email).
Layer 5: Session Layer
The session layer is responsible for establishing, managing, and releasing connections between applications running on source and destination computers. This layer integrates function of transport layer to provide management capabilities to enhance control over transport layer functions.
Layer 6: Presentation Layer
Presentation layer converts application data into proper format to be sent by transport layer. Presentation layer performs other functions like compression, encryption, ASCII code conversion.
Layer 7: Application Layer
Application layer is the layer with human readable traffic generated on user or operating system level.
Example: user connecting to amazon site from laptop, the application layer manages all http and https traffic between laptop and e-commerce web site.
What are the advantages of VPN?
VPN or virtual private network protocol is used to extend local area network “LAN” data resource access to users connecting remotely with high degree of security and privacy. The remote systems (Laptop, PC, Server) uses VPN protocol to securely connect to LAN systems as if the remote system in part of the local area network “LAN”. Once connected, traffic between remote systems and local LAN data resources is encrypted with one of the encryption algorithm like IPSec to protect information transmitted on connection channel.
what is OSI? and what is the function of each layer of OSI?
OSI is short for open system interconnection. It is a conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology. Its goal is the interoperability of diverse communication systems with standard protocols.
OSI has 7 layers.
1. physical: a direct point-to-point data connection.
2. data link: a reliable direct point-to-point connection.
3. Network: addressing, routing and delivery of datagrams between points on a network.
4. transport: reliable delivery of segments between points on a network.
5. session: interhost communication, managing session between applications
6. presentation: data representation, encryption, covert machine dependent data to machine independent data.
7. application: network process to application
source: http://www.ibm.com/support/knowledgecenter/SSCVHB_1.1.0/glossary/npi_osi_model.html
Question 1: What is OSI model? What’s the main function of each OSI layer?
The OSI model stands for the Open System Interconnection Reference Model, which is a conceptual model that “characterizes and standardizes the communication functions of a computing system…” This model initially developed by the International Organization for Standardization (ISO). The OSI model has seven layers:
— Layer 7: Application: he application layer serves as the window for users and application processes to access network services.
— Layer 6: Presentation: The presentation layer formats the data to be presented to the application layer. It can be viewed as the translator for the network.
— Layer 5: Session: The session layer allows session establishment between processes running on different stations.
— Layer 4: Transport: The transport layer ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers.
— Layer 3: Network: The network layer controls the operation of the subnet, deciding which physical path the data should take based on network conditions, priority of service, and other factors.
— Layer 2: Data link. The data link layer provides error-free transfer of data frames from one node to another over the physical layer, allowing layers above it to assume virtually error-free transmission over the link.
— Layer 1: Physical. The physical layer, the lowest layer of the OSI model, is concerned with the transmission and reception of the unstructured raw bit stream over a physical medium.
The layer 1 to layer 3 consist the Media layers; and layer 4 to layer 7 belongs to the Host layers.
Source: http://community.mis.temple.edu/itacs5205fall16/2016/09/29/week-6-questions/#comments
Hi Fangzhou,
Good summary of OSI model, the model is more of a conceptual abstraction of end to end data flows. In real network and systems configuration some of the layers are combined , others are spanning multiple layers.
What is OSI model? What’s the main function of each OSI layer?
The Open Systems Interconnection (OSI) Model is a conceptual and logical layout that defines network communication used by systems open to interconnection and communication with other systems.
Physical: the lowest layer of the OSI model, is concerned with the transmission and reception of the unstructured raw bit stream over a physical medium
Data-Link: Provides error-free transfer of data frames from one node to another over the physical layer, allowing layers above it to assume virtually error-free transmission over the link.
Network: Controls the operation of the subnet, deciding which physical path the data should take based on network conditions, priority of service, and other factors.
Transport: Ensures that messages are delivered error-free, in sequence, and with no losses or duplications. It relieves the higher layer protocols from any concern with the transfer of data between them and their peers
.
Session: Allows session establishment between processes running on different stations.
Presentation: Formats the data to be presented to the application layer. Translates data from a format used by the application layer into a common format at the sending station, then translate the common format to a format known to the application layer at the receiving station.
Application: Serves as the window for users and application processes to access network services.
Source: http://searchnetworking.techtarget.com/definition/OSI
https://support.microsoft.com/en-us/kb/103884
What are the advantages of VPN?
Security – A VPN connection between a user and the remote resources are encrypted. Thus, if the user’s VPN traffic is compromised, the user will not be harmed because the attacker will not be able to see what remote sources the user is connected to.
Privacy Protection – Connection through a VPN will not leave behind a user’s IP address and personal details. Since the traffic is encrypted, the user’s internet usage cannot be tracked or monitored.
Access to Restricted Resources – Certain service provider sites restrict access to specific geographic locations. Since, a VPN hide the user’s personal details the user is able to access those sites.
Great point Yang, with the security feature the user is protected against outside attacks. So if the user is at home and an attack happens, the attacker would not know the location of the user since the VPN IP address is at a different location of the VPN. So the user is protected and the user can work in privacy since the attacker would not like you said be able to view what files they are working on. So security is an advantage of VPN. It safeguards the user and the companies resources from outside attacks since they do not have access to the network.
Good Point Yang, I see tunneling is the biggest advantage of VPN, creating separate tunnel per remote user , each tunnel if fully secured using IPSec .
Question 2: What are the advantages of VPN?
The first advantage is the security of VPN. The PC users usually connect the internet through cables, but it also allows the attackers to locate the users’ IP address. However, by using the VPN, the data from users’ machine to the VPN servers is encrypted, so it enhances the difficulty to attack for hackers, and it also prevents attackers monitoring the users’ operating system. In addition, the VPN also allows PC users break the internet limitation like the Great Firewall of China (GFW). For example, the GFW will lock the oversea IP addresses so the internet users in mainland China are limited in using some websites like YouTube and Facebook. However, by using the VPN, these users in limited areas can visit the websites without being affected by the GFW.
Jumping the GFW… you need to find a VPN service provider, right?
Exactly, to jump the GFW, users should find a VPN service provider with an oversea IP address, but this also brings a new problem that the oversea VPN servers may lower the speed of uploading and downloading the files.
Fangzhou,
Great Post! Very informative. I always new about the limited internet access in China, but never thought of it because it never affected me. It did affect a friend of mine who went to China for business. She could only access facebook when she was at work. I assume the company had a VPN.
I do remember reading about this and found the article. The United States has declared the GFW a trade barrier. This is nothing new and don’t know where it will go but remember reading it at a conference in NY.
http://www.nytimes.com/2016/04/08/business/international/china-internet-controls-us.html?_r=0
What is OSI model? What’s the main function of each OSI layer?
OSI model stands for Open Systems Interconnection model. It is a model that characterizes and standardizes the communication functions of a telecommunication or computing system regardless of its internal structure and technology. Its goal is to allow diverse communication through systems with standard protocols. This model partitions communication systems into layers.
Layer 1 – Physical: Transmission and reception of raw bit streams over a physical medium
Layer 2 – Data link: Reliable transmission of data frames between two nodes connected by a physical layer
Layer 3 – Network: Structuring and managing a multi-node network, including addressing, routing and traffic control
Layer 4 – Transport: Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing
Layer 5 – Session: Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes
Layer 6 – Presentation: Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption
Layer 7 – Application: High-level APIs, including resource sharing, remote file access
https://en.wikipedia.org/wiki/OSI_model
What are the advantages of VPN?
– Data is kept secured and encrypted.
– Remote access and control to data.
– Share files
– Online Anonymity – can search websites privately
– Better performance – bandwidth and efficiency of a network are increased.
– Reduce costs – once VPN network is created the maintenance cost is really low.
https://www.ibvpn.com/2010/02/8-advantages-of-using-vpn/
What is OSI model? What’s the main function of each OSI layer?
The Open Systems Interconnection (OSI) model is to provide a protocol suite used to develop data-networking protocols and other standards to facilitate multivendor equipment interoperability, composed of seven layers, each specifying particular specialized tasks or functions:
Application layer: it provides an interface to the network and communicates the computer’s available resources to the rest of the network;
Presentation layer: it converts data into a format acceptable by the network and provides common communication services.
Session layer: it manages all conversations, data exchanges and dialogs between the application layers.
Transport layer: it provides reliable and transparent transfer of data between end points, end-to-end error recovery and flow control.
Network layer: it is responsible for routing and forwarding through IP addresses.
Data link layer: it provides for the reliable transfer of data across a physical link.
Physical layer: it provides the hardware that transmits and receives the bit stream as electrical optical or radio signals over an appropriate medium or carrier.
What are the advantages of VPN?
VPN – Virtual Private Network is a network created between you and what you access. The advantages are as follow:
Change or hid your IP – it will help you hide your identity and protect your personal data from being stolen.
Privacy – Because of encryption, VPN keeps all your Internet activity private, far from any unwanted eyes
Security – VPN creates a safe connection between you and servers and this protection is really hard, almost impossible to break.
Torrent downloads – it enables you to download torrents in very nice and secure manner without being discovered.
Unblock geo-restricted sites – it provides you the possibility to access geographically blocked sites from anywhere in the world.
According to Microsoft Support, the Open Systems Interconnet (OSI) model was established by the International Standards Organization in 1978, to allow communications between different data transfer applications. (Microsoft, n.d.) The OSI allows for different interfaces to communicate by flowing through the 7 layers.
Layers:
1. Physical
a. Allows for communication between the devices on the computer.
2. Data Link
a. Allows for the transfer of data over the physical layer.
3. Network
a. Allows for the delivery of data.
4. Transport
a. Allows for the flow of traffic.
5. Session Layer
a. Establishes connection between two end-points.
6. Presentation
a. Displays data in a uniformed way.
7. Application
a. Connects applications to networked services
While researching the OSI, I found many confusing explanations. One from TechTarget says, “And although useful for guiding discussion and evaluation, OSI is rarely actually implemented, as few network products or standard tools keep all related functions together in well-defined layers as related to the model. The TCP/IP protocols, which define the Internet, do not map cleanly to the OSI model.”.
What is an OSI Model? What is the main function of each layer?
• The OSI model is a seven-layer hierarchical model that shows the communication and data flow through each computer system.
o Physical (Layer 1)
The physical components (cabling, etc) that keep the network together.
o Data Link (Layer 2)
This layer includes switches and links data between locations.
o Network (Layer 3)
Routers operate at this layer, where they move packets of data between IP addresses.
o Transport (Layer 4)
Decides how much information will be communicated from each destination
o Session (Layer 5)
Deals with communication creating a session with the web server you are trying to get data from.
Creates a session between where your computer is trying to get information from.
o Presentation (Layer 6)
The layer that the operating system is on.
The Application layer sends information to the Presentation layer
o Application (Layer 7)
The layer that the end-user interacts with. Applications that the user interacts with are contained within this level (Firefox, Outlook, etc)
What are the advantages of VPN?
• A VPN (virtual private network) is a way of connecting to another network securing over the internet.
• Advantages of VPN are:
o Data encryption – Data is encrypted when sent over a VPN, which can help the security of the data if the network is entered by a hacker
o Low cost
o Employees can access the network from without needing to be physically in the office, thus remote workers can access resources.
o Tunneling Protocol – If the path/tunnel from which the data is moving through is comprised, the data is purged from the tunnel thus setting up another level of security.
Daniel good list, I liked the employees being able to access the network without needing to be in the office. At my old job I was given a laptop and was able to login to the companies server anywhere as long as there was Wi-FI. That made it a lot easier to perform my work and access my projects located on the companies server. Great benefit since I can work from home, well from anywhere really and be able to connect to other co-workers who are also connected to the VPN. It made the job more easier and flexible since if there was any issue, I could login and sign over the program that was sign out to myself back in so that the other user needing it can have it.
What are the advantages of VPN?
Virtual private network are beneficial for companies since they have their own private server that outside people cannot access. This negates the risk of people stealing information about the company. The VPN is secure and only employees are able to access the network. Employees are able to use features on the network such as share files between each other and access the network remotely. Thus VPN enhances security within the company since only employees can access, it is better performance since they are able to access the network anywhere with the proper login or companies laptop, and it reduces cost for the company.
What is OSI model? What’s the main function of each OSI layer?
The Open System Interconnection (OSI) model is a network framework to implement protocols through 7 different layers.
1. Physical – Equipment use to transfer information between systems, examples are wires, Ethernet cords, cards, etc.
2. Date Link – Data is encoded and decoded into bits. Divided into two different layers, Media access control and logical link layer.
3. Network – Information is transfer through technology by logical pathways, also known as virtual circuits.
4. Transport – Information is transfer between systems or host.
5. Session – Applications is establish, manage or terminates in this layer.
6. Presentation – Information is sorted by differences by type and translated through application to network format and vice versa.
7. Application – The end user process layer, where they are able to send the information through file sharing or email etc.
Vu Do, I agree with your answer that Open System Interconnection (OSI) model is a network framework to implement protocols through 7 different layers.
Vu, great post. You thoroughly explained the function of each OSI layer.
A Virtual Private Network uses tunneling to allow for uses in a private network to communicate through a public network, without the risk of the information being intercepted by hackers. This means a person can work at a remote location (Home, Hotel, Restaurant, ect.) and have the data encrypted to ensure secure transmission, over a non-secure network.
Another benefit would be a more productive workforce. Providing a secure connection to the private network will allow for work tasks to be completed anywhere with an internet connection. Increasing employee production.
There are also cost savings for the business if the work of the employee requires working from a remote location. A VPN allows the employee to utilize their own equipment, reducing hardware and support costs associated with the job.
The biggest advantage is worker’s ability to work remotely over a secure tunnel. I would recommend anyone who uses public WiFi to use a VPN connection. There are cheap services that will allow for this and some phone service providers offer VPN services. You don’t want someone to see you went to a bank website and gain your information at a coffee shop.
What is OSI model? What’s the main function of each OSI layer?
The OSI model is a conceptual model that has 7 layers to describe how computers communicate with each other over a network. It shows the flow of traffic through the various stages from the applications layer (the user interface layer) all the way down to the Physical Layer (the medium that the information is transported from computer A to computer B) back up to the Application layer of the target machine.
The Layers are as follows:
(7) Application Layer – supports end-user processes and as the name mentions the applications. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified.. Provides application services for file transfers, email, and other network software services. (Telnet and FTP)
(6) Presentation Layer – Provides independence from differences in data representation (encryption) by translating from application to network format. Transforms data into the form the application layer can accept. (ASCII, GIF, JPEG, etc.)
(5) Session Layer – Establishes, manages and terminates the connections between applications. (NetBios names, SQL, NFS, etc.)
(4) Transport Layer – Provides transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. (TCP, UPD, etc.)
(3) Network Layer – Switching and routing technologies live here. They create logical paths, or virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer as well as addressing, error handling and pack sequencing. (IP, AppleTalk, etc.)
(2) Data Link Layer – data packets are encoded and decoded into bits. This contains 2 sub layers (1) Media Access Control and the Logical Link Control layers. MAC controls how a computer on the network gains access to data and permission to transmit. The LLC layer control frame synchronization, flow control and error checking.
(1) Physical Layer – This is the medium that the bit stream is sent over via electrical impulse, light, or radio signal. This provides the hardware means of sending and receiving data on a carrier including defining cables, cards, and physical aspects. (Ethernet, B8ZS, RJ45, etc.)
http://www.webopedia.com/quick_ref/OSI_Layers.asp
What are the advantages of VPN?
The top 5 advantages of a VPN are Security, Privacy Protection, Access to restricted resources, and better connectivity. VPNs secure otherwise public networks by encrypting traffic so anyone monitoring the traffic flow will get meaningless characters instead of useable data. When using an established VPN personal information such as IP addresses, locations, etc are hidden. Additionally VPNs are a cost-effective way to leverage public networks for private or confidential traffic without the heavy investment of leasing a private network from a service provider. And lastly, using a VPN establishes an intelligent network where the traffic can follow the most efficient route to the end user/server that you are communicating with.
What is OSI model? What’s the main function of each OSI layer?
OSI (Open Systems Interconnection) is reference model for how applications can communicate over a network. A reference model is a conceptual framework for understanding relationships. The purpose of the OSI reference model is to guide vendors and developers so the digital communication products and software programs they create will interoperate, and to facilitate clear comparisons among communications tools. Most vendors involved in telecommunications make an attempt to describe their products and services in relation to the OSI model. And although useful for guiding discussion and evaluation, OSI is rarely actually implemented, as few network products or standard tools keep all related functions together in well-defined layers as related to the model. The TCP/IP protocols, which define the Internet, do not map cleanly to the OSI model.
Source: http://searchnetworking.techtarget.com/definition/OSI
What are the advantages of VPN?
VPN is popular both among home and corporate users. Its popularity is due to the fact that it brings unmatched benefits in an interconnected world full of challenges to information security and privacy.
VPN has unique advantages from which the top ones are improved security, privacy protection, access to restricted resources and better connectivity.
Source: https://vpntunnel.com/faqs/top-five-vpn-advantages-benefits/
Shizhong, nice post. To elaborate further, a few other advantages of VPN are enhancing security as the data is encrypted, better performance as you increase the bandwidth of your network and reducing costs.
In today’s world, with the traditional “work at the office” model of job productivity being shifted to a work at home model, having a VPN has become more important than ever. If you work remotely you must do so securely. A VPN enables secure, safe remote login to systems which in turn enables companies to offer flexible time to employees and expand their talent pool to individuals who may not be physically nearby to the company. It can also assist with outsourcing IT functions to vendors without worry that connections to their internal systems may be unsecured or vulnerable to attack.
The OSI model lays out and describes the characteristics of the communications functions that underlie any generic telecommunication or computing system.
(1) Physical – conveys the bit stream through the network at the mechanical and electrical level.
(2) Data Link – data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization.
(3) Network – provides switching and routing technologies, creating logical paths known as virtual circuits, for transmitting data from node to node.
(4) Transport – provides transparent transfer of data between end systems and is responsible for end-to-end recovery and flow control.
(5) Session – establishes, manages, and terminates connections between applications.
(6) Presentation – works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems.
(7) Application – provides application services for file transfers, e-mail, and other network software services.
Source: http://www.webopedia.com/quick_ref/OSI_Layers.asp