DATA COMMUNICATION AND NETWORK

What is Data
According to the Oxford “Data is distinct pieces of information, usually formatted in a
special way”. Data can be measured, collected, reported, and analyzed, whereupon it is
often visualized using graphs, images, or other analysis tools. Raw data (“unprocessed
data”) may be a collection of numbers or characters before it’s been “cleaned” and
corrected by researchers.

What is Information
Information is data that has been processed , organized, or structured in a way that makes it
meaningful, valuable and useful.

Why data is important

 Data helps in make better decisions.
 Data helps in solve problems by finding the reason for underperformance.
 Data helps one to evaluate the performance.
 Data helps one improve processes.
 Data helps one understand consumers and the market.

Categories of Data
Data can be categories into two main parts:
 Structured Data: This type of data is organized data into specific format, making it
easy to search, analyze and process. Structured data is found in a relational
databases that includes information like numbers, data and categories.
 UnStructured Data: Unstructured data does not conform to a specific structure or
format. It may include some text documents, images, videos, and other data that is
not easily organized or analyzed without additional processing.

Types of Data
Generally data can be classified into two parts:
1. Categorial Data: In categorical data we see the data which have a defined category, for
example:
 Marital Status
 Political Party
 Eye colour
2. Numerical Data: Numerical data can further be classified into two categories:
 Discrete Data: Discrete data contains the data which have discrete numerical values
for example Number of Children, Defects per Hour etc.
 Continuous Data: Continuous data contains the data which have continuous
numerical values for example Weight, Voltage etc.

Communication
The word communication has its root in the Latin verb communicare, which means 'to share'
or 'to make common'. Communication is usually understood as the transmission of
information: a message is conveyed from a sender to a receiver using some medium, such as
sound, written signs, bodily movements, or electricity. Sender and receiver are often distinct
individuals but it is also possible for an individual to communicate with themselves. In some
cases, sender and receiver are not individuals but groups like organizations, social classes, or
nations.
Data Communication

Data communication plays an important role in today’s interconnected world and enables
the exchange of information between devices and networks. Whether you’re sending an
email, making a video call, or browsing the web, data communication ensures that
information flows smoothly.

What is Data Communication

Data communication refers to the process of transmitting and receiving data between two or
more devices over a communication channel. It involves the conversion of data into signals
that can be transmitted and then decoding those signals at the receiving end. Effective data
communication requires the use of appropriate protocols, encoding techniques, and
hardware devices.
Components of Data Communication
A communication system is made up of the following components:
1. Message: A message is a piece of information that is to be transmitted from one person
to another. It could be a text file, an audio file, a video file, etc.
2. Sender: It is simply a device that sends data messages. It can be a computer, mobile,
telephone, laptop, video camera, or workstation, etc.
3. Receiver: It is a device that receives messages. It can be a computer, telephone mobile,
workstation, etc.
4. Transmission Medium / Communication Channels: Communication channels are the
medium that connect two or more workstations. Workstations can be connected by
either wired media or wireless media.
5. Set of rules (Protocol): When someone sends the data (The sender), it should be
understandable to the receiver also otherwise it is meaningless. For example, Senior
Sekinat sends a message to Kyari. If Senior Sekinat writes in Yoroba and Kyari cannot
understand Yoroba, it is a meaningless conversation.

Therefore, there are some set of rules (protocols) that is followed by every computer
connected to the internet and they are:
 TCP (Transmission Control Protocol): It is responsible for dividing messages into
packets on the source computer and reassembling the received packet at the
destination or recipient computer. It also makes sure that the packets have the
information about the source of the message data, the destination of the message
 data, the sequence in which the message data should be re-assembled, and checks if
the message has been sent correctly to the specific destination.
 IP (Internet Protocol): Do You ever wonder how computer determines which packet
belongs to which device. What happens if the message you sent to your friend is
received by your father? Scary Right. Well! IP is responsible for handling the
address of the destination computer so that each packet is sent to its proper
destination.
Types of Data Transmission
Data transmission can occur in two primary ways:
 Serial Transmission: In serial transmission, data is transmitted bit by bit over a single
communication channel. It is commonly used for long-distance communication and is
more reliable but slower compared to parallel transmission.
 Parallel Transmission: In parallel transmission, multiple bits are transmitted
simultaneously over separate communication channels. It allows for faster data transfer
but is more susceptible to errors in long-distance transmissions.
Type of data communication
As we know that data communication is communication in which we can send or receive
data from one device to another. The data communication is divided into three types:
1. Simplex Communication: It is one-way communication or we can say that
unidirectional communication in which one device only receives and another device
only sends data and devices uses their entire capacity in transmission. For example,
IoT, entering data using a keyboard, listing music using a speaker, etc.
2. Half Duplex communication: It is a two-way communication, or we can say that it is
a bidirectional communication in which both the devices can send and receive data
but not at the same time. When one device is sending data then another device is
only receiving and vice-versa. For example, walkie-talkie.
3. Full-duplex communication: It is a two-way communication or we can say that it is
a bidirectional communication in which both the devices can send and receive data
at the same time. For example, mobile phones, landlines, etc.
Communication Channels
Communication channels are the medium that connects two or more workstations.
Workstations can be connected by either wired media or wireless media. It is also known as
a transmission medium. The transmission medium or channel is a link that carries messages
between two or more devices. We can group the communication media into two categories:
 Guided media transmission
 Unguided media transmission
1. Guided Media: In this transmission medium, the physical link is created using wires or
cables between two or more computers or devices, and then the data is transmitted using
these cables in terms of signals. Guided media transmission of the following types:
1. Twisted pair cable: It is the most common form of wire used in communication. In a
twisted-pair cable, two identical wires are wrapped together in a double helix. The
twisting of the wire reduces the crosstalk. It is known as the leaking of a signal from
one wire to another due to which signal can corrupt and can cause network errors. The
 twisting protects the wire from internal crosstalk as well as external forms of signal
interference. Types of Twisted Pair Cable:
 Unshielded Twisted Pair (UTP): It is used in computers and telephones
widely. As the name suggests, there is no external shielding so it does not protects
from external interference. It is cheaper than STP.
 Shielded Twisted Pair (STP): It offers greater protection from crosstalk due to
shield. Due to shielding, it protects from external interference. It is heavier and
costlier as compare to UTP.
3. Coaxial Cable: It consists of a solid wire core that is surrounded by one or more
foil or wire shields. The inner core of the coaxial cable carries the signal and the
outer shield provides the ground. It is widely used for television signals and also
used by large corporations in building security systems. Data transmission of this
cable is better but expensive as compared to twisted pair.
3. Optical fibers: Optical fiber is an important technology. It transmits large amounts
of data at very high speeds due to which it is widely used in internet cables. It carries
data as a light that travels inside a thin glass fiber. The fiber optic cable is made up of
three pieces:
1. Core: Core is the piece through which light travels. It is generally created using
glass or plastic.
2. Cladding: It is the covering of the core and reflects the light back to the core.
3. Sheath: It is the protective covering that protects fiber cable from the
environment.
2. Unguided Media: The unguided transmission media is a transmission mode in which the
signals are propagated from one device to another device wirelessly. Signals can wave
through the air, water, or vacuum. It is generally used to transmit signals in all directions.
Unguided Media is further divided into various parts:
1. Microwave: Microwave offers communication without the use of cables.
Microwave signals are just like radio and television signals. It is used in long-
distance communication. Microwave transmission consists of a transmitter, receiver,
and atmosphere. In microwave communication, there are parabolic antennas that are
mounted on the towers to send a beam to another antenna. The higher the tower, the
greater the range.
2. Radio wave: When communication is carried out by radio frequencies, then it is
termed radio waves transmission. It offers mobility. It is consists of the transmitter
and the receiver. Both use antennas to radiate and capture the radio signal.
3. Infrared: It is short-distance communication and can pass through any object. It is
generally used in TV remotes, wireless mouse, etc.
Networks
Computer Network means an interconnection of autonomous (standalone) computers for
information exchange. The connecting media could be a copper wire, optical fiber,
microwave, or satellite.
Networking Elements – The computer network includes the following networking
elements:
1. At least two computers
2. Transmission medium either wired or wireless
3. Protocols or rules that govern the communication
4. Network software such as Network Operating System
Network Criteria:
The criteria that have to be met by a computer network are:
1. Performance – It is measured in terms of transit time and response time.
 Transit time is the time for a message to travel from one device to another
 Response time is the elapsed time between an inquiry and a response.
Performance is dependent on the following factors:
 The number of users
 Type of transmission medium
 Capability of connected network
 Efficiency of software
 Bandwidth
 Network topology
 Network protocols
 Distance
 Network congestion
 Network hardware
2. Reliability – It is measured in terms of
 Frequency of failure
 Recovery from failures
 Robustness during catastrophe
 Quality of service (QoS)
 Reducing single points of failure
 Capacity planning
 Network architecture

3. Security – It means protecting data from unauthorized access.

4. Network topology- It is another crucial factor to consider when designing a computer
network. It refers to the way in which computers, devices, and links are arranged in a
network. Common topologies include bus, star, ring, mesh, and hybrid, each with its own
advantages and disadvantages in terms of cost, scalability, reliability, and performance. The
choice of topology depends on the specific needs and constraints of the network. Other
important criteria that must be met by a computer network include performance, reliability,
and security.
Goals of Computer Networks
The following are some important goals of computer networks:
1. Resource Sharing – Much organization has a substantial number of computers in
operations, which are located apart. Ex. A group of office workers can share a common
printer, fax, modem, scanner, etc.
High Reliability – If there are alternate sources of supply, all files could be replicated
on two or more machines. If one of them is not available, due to hardware failure, the
other copies could be used.
2. Inter-process Communication – Network users, located geographically apart, may
converse in an interactive session through the network. In order to permit this, the
network must provide almost error-free communications.
3. Flexible access – Files can be accessed from any computer in the network. The project
can be begun on one computer and finished on another.
4. Security – Computer networks must be secure to protect against unauthorized access,
data breaches, and other security threats. This includes implementing measures such as
firewalls, antivirus software, and encryption to ensure the confidentiality, integrity, and
availability of data.
5. Performance – Computer networks must provide high performance and low latency to
ensure that applications and services are responsive and available when needed. This
requires optimizing network infrastructure, bandwidth utilization, and traffic
management.
6. Scalability - Computer networks must be designed to scale up or down as needed to
accommodate changes in the number of users, devices, and data traffic. This requires
careful planning and management to ensure the network can meet current and future
needs.
Other goals include Distribution of processing functions, Centralized management, and
allocation of network resources, Compatibility of dissimilar equipment and software,
Good network performance, Scalability, Saving money, Access to remote information,
Person to person communication, etc.
Advantages:
1. Resource sharing: Networks enable the sharing of resources such as printers, scanners,
storage devices, and software applications, which can reduce costs and increase efficiency.
2. Communication and collaboration: Networks provide a platform for communication and
collaboration among users, allowing for easy sharing of information and ideas.
3. Centralized management: Networks allow for centralized management of devices, users,
and resources, making it easier to control and monitor the network.
4. Scalability: Networks can be scaled up or down to accommodate changes in the number
of users, devices, or data volume.
5. Accessibility: Networks can provide remote access to resources, enabling users to work
from anywhere and improving accessibility to information and resources.
Disadvantages:
1. Security vulnerabilities: Networks can be vulnerable to security threats such as hacking,
viruses, and malware, which can compromise sensitive data and disrupt network operations.
2. Complexity: Networks can be complex to set up, configure, and maintain, requiring
specialized knowledge and expertise.
3. Dependence on infrastructure: Networks depend on the underlying infrastructure such as
cables, routers, switches, and servers, which can be prone to failures or downtime,
disrupting network operations.
Cost: Networks can be expensive to set up and maintain, requiring investments in hardware,
software, and personnel.
Performance limitations: Networks have performance limitations such as bandwidth
constraints, latency, and congestion, which can affect the speed and reliability of network
operations.

Physical Components of Computer Network

The physical components of a computer network include hardware devices and media that
enable connectivity and data exchange between devices. The server, client, peer, transmission
media, and connecting devices make up the hardware components. The operating system and
protocols are examples of software components. A computer network is made up of several
computers connected so that resources and data can be shared. In this article, we will discuss
every point about the physical component of a computer network.
Types of Physical Components
A computer network consists of several physical components. In other words, two or more
devices are connected via a computer network to exchange an almost infinite amount of data
and services. Here Below are some physical components of computer Networks:

1. NIC (Network Interface Card)

NIC or Network Interface Card is a network adapter used to connect the computer to the
network. It is installed in the computer to establish a LAN. It has a unique ID that is written
on the chip, and it has a connector to connect the cable to it. The cable acts as an interface
between the computer and the router or modem. NIC card is a layer 2 device, which means it
works on the network model’s physical and data link layers.

Types of NIC

 Wired NIC: Cables and Connectors use Wired NIC to transfer data.

 Wireless NIC: These connect to a wireless network such as Wifi, Bluetooth, etc.

2. HUB
A hub is a multi-port repeater. A hub connects multiple wires coming from different
branches, for example, the connector in star topology which connects different stations. Hubs
cannot filter data, so data packets are sent to all connected devices. In other words,
the collision domain of all hosts connected through hub remains one. Hub does not have any
routing table to store the data of ports and map destination addresses, the routing table is used
to send/broadcast information across all the ports.

Types of HUB

 Active HUB: Active HUB regenerates and amplifies the electric signal before sending
them to all connected device. This hub is suitable to transmit data for long distance
connections over the network.

 Passive HUB: As the name suggests it does not amplify or regenerate electric signal,
it is the simplest types of Hub among all and it is not suitable for long-distnace
connections.

 Switching HUB: This is also known as intelligent HUB, they provide some additional
functionality over active and passive hubs. They analyze data packets and make
decisions based on MAC address and they are operated on DLL(Data Link Layer).

3. Router

A Router is a device like a switch that routes data packets based on their IP addresses. The
router is mainly a Network Layer device. Routers normally connect LANs and WANs and
have a dynamically updating routing table based on which they make decisions on routing the
data packets. The router divides the broadcast domains of hosts connected through it.
Types of Router
There are several types of routers. Some of them are mentioned below:
1. Broadband Routers: These are one of the important kinds of routers. It is used to do
different types of things. it is used to connect computers or it is also used to connect to
the internet.
2. Wireless routers: These routers are used to create a wireless signal in your office or
home.
3. Wired Routers: Wired Router is used to connects multiple wired devices using a
Ethernet cable, It takes the transmission data from the modem and distribute it to a
further network, it is widely used in schools and small offices.
4. Edge Routers: As the name indicates, these are located at the edges usually connected to
an Internet Service Provider, and distribute packets across multiple packets.
5. Core Routers: Core routers distribute packets within the same network. The main task is
to carry heavy data transfers.
6. Virtual Router: They are implemented using a software on the virtual machine , and
they are more flexible and scalable.
7. Portable Routers: They are used to create private Wi-Fi and hence designed for easy
portability.

4. Modem

A Modem is a short form of Modulator/Demodulator. The Modem is a hardware

component/device that can connect computers and other devices such as routers and switches
to the internet. Modems convert or modulate the analog signals coming from telephone wire
into a digital form that is in the form of 0s and 1s.

5. Switch

A Switch is a multiport bridge with a buffer and a design that can boost its efficiency(a large
number of ports implies less traffic) and performance. A switch is a data link layer device.
The switch can perform error checking before forwarding data, which makes it very efficient
as it does not forward packets that have errors and forward good packets selectively to the
correct port only.
Switches

6. Nodes

Node is a term used to refer to any computing devices such as computers that send and
receive network packets across the network.

Types of nodes

 End Nodes: These types of nodes are going to be the starting point or the end point of
communication. E.g., computers, security cameras, network printers, etc.

 Intermediary Nodes: These nodes are going to be in between the starting point or end
point of the end nodes. E.g., Switches, Bridges, Routers, cell towers, etc.

7. Media

It is also known as Link which is going to carry data from one side to another side. This link
can be Wired Medium (Guided Medium) and Wireless Medium (Unguided Medium). It is of
two types:

7.1 Wired Medium

 Ethernet: Ethernet is the most widely used LAN technology, which is defined under
IEEE standards 802.3. There are two types of Ethernet:

 Fibre Optic Cable: In fibre optic cable data is transferred in the form of light waves.

 Coaxial Cable: Coaxial Cable is mainly used for audio and video communications.
  USB Cable: USB Stands for Universal Serial Bus it is mainly used to connect PCs
and smartphones.

USB

7.2 Wireless Medium

 Infrared (E.g. short-range communication – TV remote control).

 Radio (E.g. Bluetooth, Wi-Fi).

 Microwaves (E.g. Cellular system).

 Satellite (E.g. Long range communications – GPS).

8. Repeater

Repeater is an important component of computer networks as it is used to regenerate and

amplify signal in the computer networks. Repeaters are used to improve the quality of the
networks and they are operated on the Physical Layer of the OSI Model.

9. Server

A server is a computer program that provides various functionality to another computer

program. The server plays a vital role in facilitating communication, data storage, etc. Servers
have more data storage as compared to normal computers. They are designed for the specific
purpose of handling multiple requests from clients.
 LAYER ARCHITECTURE IN OSI/ ISO
1. Physical Layer
The Physical layer is the first layer in the OSI (Open Systems Interconnection) model,
which is a conceptual framework that standardizes the functions of a communication
system. The Physical layer deals with the physical transmission of data bits over a
communication channel. It defines the electrical, mechanical, and procedural aspects of
transmitting raw data between network devices. It primarily focuses on converting digital
data into a format suitable for transmission and ensuring reliable and efficient
communication at the physical level.

The main functions of the Physical layer include:

1. Encoding and signalling: It defines the method of encoding digital data into electrical,
optical, or radio signals for transmission over the physical medium.
2. Physical media: It specifies the characteristics of the physical media used for data
transmission, such as cables, fibre optics, or wireless channels.
3. Data transmission: It establishes the rules for transmitting raw data bits over the physical
medium, including aspects like bit synchronization, line coding, and error detection.
4. Physical topologies: It defines the physical arrangement or layout of network devices and
how they are connected, such as bus, star, ring, or mesh topologies.
5. Transmission modes: It describes the ways in which data is transmitted between devices,
such as simplex (one-way), half-duplex (two-way but not simultaneously), or full-duplex
(two-way simultaneously).

Physical Layer
The physical Layer is the bottom-most layer in the Open System Interconnection (OSI)
Model which is a physical and electrical representation of the system. It consists of various
network components such as power plugs, connectors, receivers, cable types, etc. The
physical layer sends data bits from one device(s) (like a computer) to another device(s).
The physical Layer defines the types of encoding (that is how the 0’s and 1’s are encoded
in a signal). The physical Layer is responsible for the communication of the unstructured
raw data streams over a physical medium.
Functions Performed by Physical Layer
The following are some important and basic functions that are performed by the Physical
Layer of the OSI Model:

1. The physical layer maintains the data rate (how many bits a sender can send per
second).
2. It performs the Synchronization of bits.
3. It helps in Transmission Medium decisions (direction of data transfer).
4. It helps in Physical Topology (Mesh, Star, Bus, Ring) decisions (Topology through
which we can connect the devices with each other).
5. It helps in providing Physical Medium and Interface decisions.
6. It provides two types of configuration Point Point configuration and Multi-Point
configuration.
7. It provides an interface between devices (like PCs or computers) and transmission
medium.
8. It has a protocol data unit in bits.
9. Hubs, Ethernet, etc. device is used in this layer.
10. This layer comes under the category of Hardware Layers (since the hardware layer is
responsible for all the physical connection establishment and processing too).
11. It provides an important aspect called Modulation, which is the process of converting
the data into radio waves by adding the information to an electrical or optical nerve
signal.
12. It also provides a Switching mechanism wherein data packets can be forwarded from
one port (sender port) to the leading destination port.
Physical Topologies
Physical Topology or Network Topology is the Geographical Representation of Linking
devices. Following are the four types of physical topology-
1. Mesh Topology: In a mesh topology, each and every device should have a dedicated
point-to-point connection with each and every other device in the network. Here there is
more security of data because there is a dedicated point-to-point connection between
two devices. Mesh Topology is difficult to install because it is more complex.
2. Star Topology: In star topology, the device should have a dedicated point-to-point
connection with a central controller or hub. Star Topology is easy to install and
reconnect as compared to Mesh Topology. Star Topology doesn’t have Fault Tolerance
Technique.
3. Bus Topology: In a bus topology, multiple devices are connected through a single cable
that is known as backbone cable with the help of tap and drop lines. It is less costly as
compared to Mesh Topology and Star Topology. Re-connection and Re-installation are
difficult.
4. Ring Topology: In a ring topology, each device is connected with repeaters in a circle-
like ring that’s why it is called Ring Topology. In Ring Topology, a device can send the
data only when it has a token, without a token no device can send the data, and a token
is placed by Monitor in Ring Topology.
Line Configuration
 Point-to-Point configuration: In Point-to-Point configuration, there is a line (link) that
is fully dedicated to carrying the data between two devices.
 Multi-Point configuration: In a Multi-Point configuration, there is a line (link)
through which multiple devices are connected.
Modes of Transmission Medium
1. Simplex mode: In this mode, out of two devices, only one device can transmit the data,
and the other device can only receive the data. Example- Input from keyboards,
monitors, TV broadcasting, Radio broadcasting, etc.
2. Half Duplex mode: In this mode, out of two devices, both devices can send and receive
the data but only one at a time not simultaneously. Examples- Walkie-Talkie, Railway
Track, etc.
3. Full-Duplex mode: In this mode, both devices can send and receive the data
simultaneously. Examples- Telephone Systems, Chatting applications, etc.
Physical Layer Protocols Examples
Typically, a combination of hardware and software programming makes up the physical
layer. It consists of several protocols that control data transmissions on a network. The
following are some examples of Layer 1 protocols:

 Ethernet with 1000BASE-T.

 Ethernet with 1000BASE-SX.
 Ethernet at 100BaseT.
 Synchronous Digital Hierarchy/Optical Synchronisation.
 Physical-layer variations in 802.11.
 Bluetooth.
 Networking for controllers.
 U.S. Serial Bus.

2. Data Link Layer

The data link layer is the second layer from the bottom in the OSI (Open System
Interconnection) network architecture model. It is responsible for the node-to-node delivery
of data. Its major role is to ensure error-free transmission of information. DLL is also
responsible for encoding, decoding, and organizing the outgoing and incoming data.
This is considered the most complex layer of the OSI model as it hides all the underlying
complexities of the hardware from the other above layers. In this article, we will discuss
Data Link Layer in Detail along with its functions, and sub-layers.

OSI Model: Data Link Layer

Sub-Layers of The Data Link Layer
The data link layer is further divided into two sub-layers, which are as follows:
Logical Link Control (LLC)
This sublayer of the data link layer deals with multiplexing, the flow of data among
applications and other services, and LLC is responsible for providing error messages and
acknowledgments as well.
Media Access Control (MAC)
MAC sublayer manages the device’s interaction, responsible for addressing frames, and
also controls physical media access.
The data link layer receives the information in the form of packets from the Network layer,
it divides packets into frames and sends those frames bit-by-bit to the underlying physical
layer.
Functions of the Data-link Layer
There are various benefits of data link layers s let’s look into it.

Framing

The packet received from the Network layer is known as a frame in the Data link layer. At
the sender’s side, DLL receives packets from the Network layer and divides them into small
frames, then, sends each frame bit-by-bit to the physical layer. It also attaches some special
bits (for error control and addressing) at the header and end of the frame. At the receiver’s
end, DLL takes bits from the Physical layer organizes them into the frame, and sends them
to the Network layer.
Addressing
The data link layer encapsulates the source and destination’s MAC address/ physical
address in the header of each frame to ensure node-to-node delivery. MAC address is the
unique hardware address that is assigned to the device while manufacturing.
Error Control
Data can get corrupted due to various reasons like noise, attenuation, etc. So, it is the
responsibility of the data link layer, to detect the error in the transmitted data and correct it
using error detection and correction techniques respectively. DLL adds error detection bits
into the frame’s header, so that receiver can check received data is correct or not. It adds
reliability to phyiscal layer by adding mechansims to detect and retransmit damaged or lost
frames.
Flow Control
If the receiver’s receiving speed is lower than the sender’s sending speed, then this can lead
to an overflow in the receiver’s buffer and some frames may get lost. So, it’s the
responsibility of DLL to synchronize the sender’s and receiver’s speeds and establish flow
control between them.
Access Control
When multiple devices share the same communication channel there is a high probability of
collision, so it’s the responsibility of DLL to check which device has control over the
channel and CSMA/CD and CSMA/CA can be used to avoid collisions and loss of frames
in the channel.
Protocols in Data link layer
There are various protocols in the data link layer, which are as follows:
 Synchronous Data Link Protocol (SDLC)
 High-Level Data Link Protocol (HDLC)
 Serial Line Interface Protocol (SLIP)for encoding
 Point to Point Protocol (PPP)
 Link Access Procedure (LAP)
 Link Control Protocol (LCP)
 Network Control Protocol (NCP)
The Data Link Layer is essential for ensuring that data is transferred reliably and accurately
across a network. It handles error detection and correction, manages data frame sequencing,
and provides access to the physical network. By organizing data into frames and controlling
how devices on the network communicate, the Data Link Layer plays a crucial role in
maintaining smooth and efficient network operations.
3. Network Layer
The Network Layer is the 5th Layer from the top and the 3rd layer from the Bottom of the
OSI Model. It is one of the most important layers which plays a key role in data transmission.
The main job of this layer is to maintain the quality of the data and pass and transmit it from
its source to its destination. It also handles routing, which means that it chooses the best path
to transmit the data from the source to its destination, not just transmitting the packet. There
are several important protocols that work in this layer.

Data is transmitted in the form of packets via various logical network pathways between
various devices. In the seven-layer open system interconnection paradigm, the network layer
is the third layer. It offers routes for data packet transfers across the network. The network
layer is also responsible for organising and controlling the available paths for data transfer.

Functions of Network Layer

Network Layer serves various important functions in the data transport mechanism. It is also
responsible for the routing mechanism in which it selects the best path to transfer the data
from source to it’s destination. It divides the entire data into smaller packets which eases the
transfer procedure. It is also responsible for attaching the logical address to the devices
between which the data transmission is happening, so that the packets reach correct
destination and the destination can confirm that it is the same packet it was looking for. Some
of the most important functions of the network layer is given below.
1. Assigning Logical Address
Network layer is solely responsible for assigning logical addresses to devices which are either
sending or receiving data packets. It is useful to uniquely identify each devices in a certain
network. The data packets sent or received consists the IP address of both the sender device
and the receiver device. It is useful to confirm that the packets are sent or received by the
desired parties. There are two part in an IP address, a Host ID and Network ID, using the
Host ID it can be confirmed that the packets were sent by the authorized sender and it has
successfully reached the desired receiver.

2. Routing
Routing is the process of identifying the best path to transmit the packets, Network Layer not
only just sends packets from sender to receiver, but also determines the best route to send
them. Numerous routers are used to find out the best and safest route to transmit the data
packets. Various routing algorithms are used to determine the best path, like link state
routing, Distance Vector Routing, Flooding, Random Walk etc. The header of each data
packet holds the information regarding the path they need to follow to reach their destination
via different routers. Usually there are multiple routers between the sender and the receiver,
so the data packets are routed by using all these available routers.

3. Host-to-Host delivery
Host-to-Host delivery also known as Forwarding is the process in which the network layer
transmits or forwards the data packets via routers, after determining the best path/route. In
some cases it takes more than one router to reach the destination, Network Layer takes care
of those too, it forwards packets from each router to the another router until it reaches the
destination securely.

4. Logical Subnetting
Network Layer also allows a bigger network to be divided into smaller chunks of network
known as Logical Subnetting. It helps the IP addresses to be used more efficiently and less
amount of IP address will be wasted. It is also helpful to manage a larger network more
efficiently. Due to smaller networks, it would be easier to find the device if any
troubleshooting is needed.

5. Fragmentation and Reassembly

Each device / node has a maximum capacity to receive data (it may differ from Node to
Node), which is called Maximum Transmission Unit (MTU). If the total size of data packets
exceedes that size limit, then those data packets are fragmented into more smaller packets /
fragmented so that they can fit the MTU. After fragmentation those packets are being send to
the receiver, and at the receiving end all those fragmented packets are rearranged to create the
actual data in order. The fragmentation is taken care by the routers.

6. Error Handling
Network Layer also check for errors and handles them. Network Layer uses various error
detection techniques like Cylic Redundancy Check (CRC) , Checksums etc. Apart from just
detecting, it also handle those errors using different approaches like Forward Error Correction
(FEC), Hamming Code, Reed-Solomon Codes etc. It also re-transmit the packets which are
either erroneous or didn’t reach the receiver. It uses the ACK messages to determine whether
a packet has been successfully reached the receiver or not, if there is a Negative ACK, then it
means that there is some error with the packet, and the receiver will ask the sender to resend
that packet.

7. Quality of Service (QoS)

Network layer also keep track of the important data or the particular quality of data which is
needed to be send first. Based on the QoS settings, it determines and prioritize the important
data types which needed to be send first. It ensures that there is no delay in receiving the
important data in any condition.

8. Network Address Translation (NAT)

Network Layer also takes care of the Network Address Translation (NAT), means that it
converts any private IP address into a public IP address which is required to communicate
between the sender and the receiver.

9. Congestion Control
Just like MTU, if there is an excessive load on the network which it can’t handle, the network
become congested. Due to which the entire process of sending and receiving data comes to a
pause. Congestion can be dealt with using different algorithms like Leaky Bucket Algorithm
and Token Bucket Algorithm. In case of the leaky bucket algorithm, whatever might be the
speed or amount of data flow into the bucket, the data leaks at a constant rate, which reduces
the congestion in the network. In case of the Token Bucket Algorithm, tokens are being
added into the bucket one by one, until it has reached the maximum capacity, then one by one
according the token sequence each data packet is transmitted.

10. Encapsulation and Decapsulation

Network Layer encapsulates the data coming from the Transport Layer, and also adds
important header parts to the packets, which consists of the necessary information like source
IP address and destination IP address. After receiving the data packets on the destination side
it decapsulates those and make them of original size.

Working of Network Layer

The network layer will initially receive data from the OSI model’s transport layer as part of
the data flow between that layer and other OSI levels. These data packets are handled by the
network layer by include their source and destination addresses. Additionally, it incorporates
the network protocols for proper transfer to the data-link layer over the network channel.

Responsibilities of the Network Layer

In the network channel and communication channel, the network layer is in charge of the
responsibilities listed below:

 It is in charge of managing the network channel’s quickest routing path for the data
packet.

 The network layer packages the data that has been received for transmission.

 maintains the network traffic in the channel by handling the network layer protocols.

Protocols Used at Network Layer

A protocol is a set of rules for data structuring that enables communication and mutual
understanding between two or more devices. At the network layer, a variety of protocols
enable connections, testing, routing, and encryption, including:

1. IP security (IPSec)

IP Sec (Internet Protocol Security) is an Internet Engineering Task Force (IETF) standard
suite of protocols between two communication points across the IP network that provide data
authentication, integrity, and confidentiality. It also defines the encrypted, decrypted, and
authenticated packets. The protocols needed for secure key exchange and key management
are defined in it.

What is IP Security

IPSec refers to a collection of communication rules or protocols used to establish secure

network connections. Internet Protocol (IP) is the common standard that controls how data is
transmitted across the internet. IPSec enhances the protocol’s security by introducing
encryption and authentication. For example, it encrypts data at the source and then decrypts it
at the destination. It also verifies the source of the data.

Uses of IP Security

IPsec can be used to do the following things:

 To encrypt application layer data.

 To provide security for routers sending routing data across the public internet.

 To provide authentication without encryption, like to authenticate that the data

originates from a known sender.

 To protect network data by setting up circuits using IPsec tunneling in which all data
being sent between the two endpoints is encrypted, as with a Virtual Private
Network(VPN) connection.

What is IPSec Encyrption?

IPSec encryption is a software function that encrypts data to protect it from unauthorized
access. An encryption key encrypts data, which must be decrypted. IPSec supports a variety
of encryption algorithms, including AES, Blowfish, Triple DES, ChaCha, and DES-CBC.
IPSec combines asymmetric and symmetric encryption to provide both speed and security
during data transmission. In asymmetric encryption, the encryption key is made public, while
the decryption key remains private. Symmetric encryption employs the same public key to
encrypt and decrypts data. IPSec builds a secure connection using asymmetric encryption and
then switches to symmetric encryption to speed up data transmission.

Components of IP Security

It has the following components:

 Encapsulating Security Payload (ESP)

 Authentication Header (AH)

 Internet Key Exchange (IKE)

1. Encapsulating Security Payload (ESP): It provides data integrity, encryption,

authentication, and anti-replay. It also provides authentication for payload.

2. Authentication Header (AH): It also provides data integrity, authentication, and anti-
replay and it does not provide encryption. The anti-replay protection protects against the
unauthorized transmission of packets. It does not protect data confidentiality.
IP Header

3. Internet Key Exchange (IKE): It is a network security protocol designed to dynamically

exchange encryption keys and find a way over Security Association (SA) between 2 devices.
The Security Association (SA) establishes shared security attributes between 2 network
entities to support secure communication. The Key Management Protocol (ISAKMP) and
Internet Security Association provides a framework for authentication and key exchange.
ISAKMP tells how the setup of the Security Associations (SAs) and how direct connections
between two hosts are using IPsec. Internet Key Exchange (IKE) provides message content
protection and also an open frame for implementing standard algorithms such as SHA and
MD5. The algorithm’s IP sec users produce a unique identifier for each packet. This identifier
then allows a device to determine whether a packet has been correct or not. Packets that are
not authorized are discarded and not given to the receiver.

Packets in Internet Protocol

IP Security Architecture

IPSec (IP Security) architecture uses two protocols to secure the traffic or data flow. These
protocols are ESP (Encapsulation Security Payload) and AH (Authentication Header). IPSec
Architecture includes protocols, algorithms, DOI, and Key Management. All these
components are very important in order to provide the three main services:

 Confidentiality

 Authenticity

 Integrity
Working on IP Security

 The host checks if the packet should be transmitted using IPsec or not. This packet
traffic triggers the security policy for itself. This is done when the system sending the
packet applies appropriate encryption. The incoming packets are also checked by the
host that they are encrypted properly or not.

 Then IKE Phase 1 starts in which the 2 hosts( using IPsec ) authenticate themselves to
each other to start a secure channel. It has 2 modes. The Main mode provides greater
security and the Aggressive mode which enables the host to establish an IPsec circuit
more quickly.

 The channel created in the last step is then used to securely negotiate the way the IP
circuit will encrypt data across the IP circuit.

 Now, the IKE Phase 2 is conducted over the secure channel in which the two hosts
negotiate the type of cryptographic algorithms to use on the session and agree on
secret keying material to be used with those algorithms.

 Then the data is exchanged across the newly created IPsec encrypted tunnel. These
packets are encrypted and decrypted by the hosts using IPsec SAs.

 When the communication between the hosts is completed or the session times out
then the IPsec tunnel is terminated by discarding the keys by both hosts.

What are IPSec modes?

 Tunnel: The IPSec tunnel mode is appropriate for sending data over public networks
because it improves data security against unauthorised parties. The computer encrypts
all data, including the payload and header, and adds a new header to it.

 Transport: IPSec transport mode encrypts only the data packet’s payload while
leaving the IP header unchanged. The unencrypted packet header enables routers to
determine the destination address of each data packet. As a result, IPSec transport is
utilized in a closed and trusted network, such as to secure a direct link between two
computers.

Features of IPSec

 Authentication: IPSec provides authentication of IP packets using digital signatures

or shared secrets. This helps ensure that the packets are not tampered with or forged.

 Confidentiality: IPSec provides confidentiality by encrypting IP packets, preventing

eavesdropping on the network traffic.

 Integrity: IPSec provides integrity by ensuring that IP packets have not been
modified or corrupted during transmission.

 Key management: IPSec provides key management services, including key exchange
and key revocation, to ensure that cryptographic keys are securely managed.

 Tunneling: IPSec supports tunneling, allowing IP packets to be encapsulated within

another protocol, such as GRE (Generic Routing Encapsulation) or L2TP (Layer 2
Tunneling Protocol).
  Flexibility: IPSec can be configured to provide security for a wide range of network
topologies, including point-to-point, site-to-site, and remote access connections.

 Interoperability: IPSec is an open standard protocol, which means that it is

supported by a wide range of vendors and can be used in heterogeneous
environments.

Advantages of IPSec

 Strong security: IPSec provides strong cryptographic security services that help
protect sensitive data and ensure network privacy and integrity.

 Wide compatibility: IPSec is an open standard protocol that is widely supported by

vendors and can be used in heterogeneous environments.

 Flexibility: IPSec can be configured to provide security for a wide range of network
topologies, including point-to-point, site-to-site, and remote access connections.

 Scalability: IPSec can be used to secure large-scale networks and can be scaled up or
down as needed.

 Improved network performance: IPSec can help improve network performance by

reducing network congestion and improving network efficiency.

Disadvantages of IPSec

 Configuration Complexity: IPSec can be complex to configure and requires

specialized knowledge and skills.

 Compatibility Issues: IPSec can have compatibility issues with some network
devices and applications, which can lead to interoperability problems.

 Performance Impact: IPSec can impact network performance due to the overhead of
encryption and decryption of IP packets.

 Key Management: IPSec requires effective key management to ensure the security
of the cryptographic keys used for encryption and authentication.

 Limited Protection: IPSec only provides protection for IP traffic, and other protocols
such as ICMP, DNS, and routing protocols may still be vulnerable to attacks.

IPSec (Internet Protocol Security) is an essential set of protocols that ensures secure IP
communications via data authentication, integrity, and confidentiality. It works with both
IPv4 and IPv6, encrypting data at the source and decrypting it at the destination. IPSec, which
is widely used to secure application data, routing information, and VPN connections,
provides robust security, interoperability, and scalability. Despite its benefits, IPSec can be
difficult to configure and may have an impact on network performance. Understanding the
IPSec components and encryption methods is critical for efficiently protecting network
connections.

2. Internet Control Message Protocol (ICMP)

Internet Control Message Protocol is known as ICMP. The protocol is at the network layer. It
is mostly utilized on network equipment like routers and is utilized for error handling at the
network layer. Since there are various kinds of network layer faults, ICMP can be utilized to
report and troubleshoot these errors.
Since IP does not have an inbuilt mechanism for sending error and control messages. It
depends on Internet Control Message Protocol (ICMP) to provide error control. In this article,
we are going to discuss ICMP in detail along with their uses, messages, etc.

What is ICMP
ICMP is used for reporting errors and management queries. It is a supporting protocol and is
used by network devices like routers for sending error messages and operations information.
For example, the requested service is not available or a host or router could not be reached.
Since the IP protocol lacks an error-reporting or error-correcting mechanism, information is
communicated via a message. For instance, when a message is sent to its intended recipient, it
may be intercepted along the route from the sender. The sender may believe that the
communication has reached its destination if no one reports the problem. If a middleman
reports the mistake, ICMP helps in notifying the sender about the issue. For example, if a
message can’t reach its destination, if there’s network congestion, or if packets are lost,
ICMP sends back feedback about these issues. This feedback is essential for diagnosing and
fixing network problems, making sure that communication can be adjusted or rerouted to
keep everything running smoothly.

Uses of ICMP
ICMP is used for error reporting if two devices connect over the internet and some error
occurs, So, the router sends an ICMP error message to the source informing about the error.
For Example, whenever a device sends any message which is large enough for the receiver,
in that case, the receiver will drop the message and reply to the ICMP message to the source.
Another important use of ICMP protocol is used to perform network diagnosis by making use
of traceroute and ping utility.
Traceroute: Traceroute utility is used to know the route between two devices connected over
the internet. It routes the journey from one router to another, and a traceroute is performed to
check network issues before data transfer.
Ping: Ping is a simple kind of traceroute known as the echo-request message, it is used to
measure the time taken by data to reach the destination and return to the source, these replies
are known as echo-replies messages.

How Does ICMP Work

ICMP is the primary and important protocol of the IP suite, but ICMP isn’t associated with
any transport layer protocol (TCP or UDP) as it doesn’t need to establish a connection with
the destination device before sending any message as it is a connectionless protocol.
The working of ICMP is just contrasting with TCP, as TCP is a connection-oriented protocol
whereas ICMP is a connectionless protocol. Whenever a connection is established before the
message sending, both devices must be ready through a TCP Handshake.
ICMP packets are transmitted in the form of datagrams that contain an IP header with ICMP
data. ICMP datagram is similar to a packet, which is an independent data entity.
Advantages of ICMP
 Network devices use ICMP to send error messages, and administrators can use the
Ping and Tracert commands to debug the network.
 These alerts are used by administrators to identify issues with network connectivity.
  A prime example is when a destination or gateway host notifies the source host via an
ICMP message if there is a problem or a change in network connectivity that needs to
be reported. Examples include when a destination host or networking becomes
unavailable, when a packet is lost during transmission, etc.
 Furthermore, network performance and connection monitoring tools commonly
employ ICMP to identify the existence of issues that the network team has to resolve.
 One quick and simple method to test connections and find the source is to use the
ICMP protocol, which consists of queries and answers.
Disadvantages of ICMP
 If the router drops a packet, it may be due to an error; but, because to the way the IP
(internet protocol) is designed, there is no way for the sender to be notified of this
problem.
 Assume, while a data packet is being transmitted over the internet, that its lifetime is
over and that the value of the time to live field has dropped to zero. In this case, the
data packet is destroyed.
 Although devices frequently need to interact with one another, there isn’t a standard
method for them to do so in Internet Protocol. For instance, the host needs to verify
the destination’s vital signs to see if it is still operational before transmitting data.

Problems with the Network layer design

 The decision of how to direct packets is a pivotal aspect of network layer design. It
holds great significance as it sets the groundwork for the protocol governing the
transmission of packets between nodes in a network.

 In the nodes, data transmission can be facilitated through either static tables or
dynamic tables. These tables serve as the routes for the transmission of information.
The paths may be pre-established or subject to frequent alteration.

 The smooth flow of data in the network can be disrupted unexpectedly if there is an
overwhelming abundance of packets being transmitted or present on the network.
Consequently, the network might encounter bottlenecks causing a decline in its
performance.

 Separate protocols are needed to enable communication between the two networks.

Advantages of Network Layer

 Using the network layer in the OSI paradigm offers a multitude of advantages. Let’s
delve into some of these benefits:

 The network layer takes the data and breaks it down into packets, which makes
transmitting the data over the network easier. This process also eliminates any weak
points in the transmission, ensuring that the packet successfully reaches its intended
destination.

 Router is the important component of the network layer . Its role is to reduce network
congestion by facilitating collisions and broadcasting the domains within the network
layer.

 Used to send data packets across the network nodes, the forwarding method is
various.
Disadvantages of Network Layer

 There is no flow control mechanism provided by the network layer design.

 There may be times when there are too many datagrams in transit over the network,
causing congestion. This could put further strain on the network routers. In some
circumstances, the router may lose some data packets if there are too many datagrams.
Important data may be lost in the process of transmission as a result of this.

 Indirect control cannot be implemented at the network layer since the data packets are
broken up before being sent. Additionally, this layer lacks effective error control
systems.

4. Transport Layer responsibilities

The transport Layer is the second layer in the TCP/IP model and the fourth layer in the OSI
model. It is an end-to-end layer used to deliver messages to a host. It is termed an end-to-
end layer because it provides a point-to-point connection rather than hop-to-hop, between
the source host and destination host to deliver the services reliably. The unit of data
encapsulation in the Transport Layer is a segment.
Working of Transport Layer
The transport layer takes services from the Application layer and provides services to the
Network layer.
At the sender’s side: The transport layer receives data (message) from the Application
layer and then performs Segmentation, divides the actual message into segments, adds the
source and destination’s port numbers into the header of the segment, and transfers the
message to the Network layer.
At the receiver’s side: The transport layer receives data from the Network layer,
reassembles the segmented data, reads its header, identifies the port number, and forwards
the message to the appropriate port in the Application layer.
Responsibilities of a Transport Layer
 The Process to Process Delivery
 End-to-End Connection between Hosts
 Multiplexing and Demultiplexing
 Congestion Control
 Data integrity and Error correction
 Flow control
1. The Process to Process Delivery
While Data Link Layer requires the MAC address (48 bits address contained inside the
Network Interface Card of every host machine) of source-destination hosts to correctly
deliver a frame and the Network layer requires the IP address for appropriate routing of
packets, in a similar way Transport Layer requires a Port number to correctly deliver the
segments of data to the correct process amongst the multiple processes running on a
particular host. A port number is a 16-bit address used to identify any client-server program
uniquely.

Process to Process Delivery

2. End-to-end Connection between Hosts

The transport layer is also responsible for creating the end-to-end Connection between
hosts for which it mainly uses TCP and UDP. TCP is a secure, connection-orientated
protocol that uses a handshake protocol to establish a robust connection between two end
hosts. TCP ensures the reliable delivery of messages and is used in various applications.
UDP, on the other hand, is a stateless and unreliable protocol that ensures best-effort
delivery. It is suitable for applications that have little concern with flow or error control and
requires sending the bulk of data like video conferencing. It is often used in multicasting
protocols.

End to End Connection.

3. Multiplexing and Demultiplexing
Multiplexing(many to one) is when data is acquired from several processes from the sender
and merged into one packet along with headers and sent as a single packet. Multiplexing
allows the simultaneous use of different processes over a network that is running on a
host. The processes are differentiated by their port numbers. Similarly, Demultiplexing(one
to many) is required at the receiver side when the message is distributed into different
processes. Transport receives the segments of data from the network layer distributes and
delivers it to the appropriate process running on the receiver’s machine.

Multiplexing and Demultiplexing

4. Congestion Control
Congestion is a situation in which too many sources over a network attempt to send data
and the router buffers start overflowing due to which loss of packets occurs. As a result, the
retransmission of packets from the sources increases the congestion further. In this
situation, the Transport layer provides Congestion Control in different ways. It uses open-
loop congestion control to prevent congestion and closed-loop congestion control to remove
the congestion in a network once it occurred. TCP provides AIMD – additive increases
multiplicative decrease and leaky bucket technique for congestion control.
 Leaky Bucket Congestion Control Technique

5. Data integrity and Error Correction

The transport layer checks for errors in the messages coming from the application layer by
using error detection codes, and computing checksums, it checks whether the received data
is not corrupted and uses the ACK and NACK services to inform the sender if the data has
arrived or not and checks for the integrity of data.

Error Correction using Checksum

6. Flow Control
The transport layer provides a flow control mechanism between the adjacent layers of the
TCP/IP model. TCP also prevents data loss due to a fast sender and slow receiver by
imposing some flow control techniques. It uses the method of sliding window protocol
which is accomplished by the receiver by sending a window back to the sender informing
the size of data it can receive.
Protocols of Transport Layer
 Transmission Control Protocol (TCP)
 User Datagram Protocol (UDP)
 Stream Control Transmission Protocol (SCTP)
 Datagram Congestion Control Protocol (DCCP)
 AppleTalk Transaction Protocol (ATP)
 Fibre Channel Protocol (FCP)
 Reliable Data Protocol (RDP)
 Reliable User Data Protocol (RUDP)
 Structured Steam Transport (SST)
 Sequenced Packet Exchange (SPX)
5. Session Layer
The Session Layer is the 5th layer in the Open System Interconnection (OSI) model. This
layer allows users on different machines to establish active communications sessions
between them. It is responsible for establishing, maintaining, synchronizing, terminating
sessions between end-user applications. In Session Layer, streams of data are received and
further marked, which is then resynchronized properly, so that the ends of the messages are
not cut initially and further data loss is avoided. This layer basically establishes a
connection between the session entities. This layer handles and manipulates data which it
receives from the Session Layer as well as from the Presentation Layer.

Working of Session Layer :

Session Layer, which is the 5th layer in the OSI model, uses the services provided by The
transport layer, enables applications to establish and maintain sessions and to synchronize
the sessions. Now, in order to establish a session connection, several things should be
followed. First thing is we should map the session address to the shipping address. The
second thing is that we need to select the required transport quality of service (also referred
as QoS) parameters. Next thing is we need to take care of the negotiations which should
happen between session parameters. Then we further need to transmit limited transparent
user data. Then at last, we need to monitor Data Transfer phase properly. The ability to
send larger amount of data files is extremely important and a necessary thing too.

Functions of Session Layer :

The session layer being the fifth layer in the OSI model performs several different as well
as important functions which are need for establishing as well as maintaining a safe and
secure connection.
Following are some of the functions which are performed by Session Layer:

 Session Layer works as a dialog controller through which it allows systems to

communicate in either half-duplex mode or full duplex mode of communication.
 This layer is also responsible for token management, through which it prevents two
users to simultaneously access or attempting the same critical operation.
 This layer allows synchronization by allowing the process of adding checkpoints, which
are considered as synchronization points to the streams of data.
 This layer is also responsible for session checkpointing and recovery.
 This layer basically provides a mechanism of opening, closing and managing a session
between the end-user application processes.
 The services offered by Session Layer are generally implemented in application
environments using remote procedure calls (RPCs).
 The Session Layer is also responsible for synchronizing information from different
sources.
 This layer also controls single or multiple connections for each-end user application and
directly communicates with both Presentation and transport layers.
 Session Layer creates procedures for checkpointing followed by adjournment, restart
and termination.
 Session Layer uses checkpoints to enable communication sessions which are to be
resumed from that particular checkpoint at which communication failure has occurred.
 The session Layer is responsible for fetching or receiving data information from its
previous layer (transport layer) and further sends data to the layer after it (presentation
layer).
Session Layer Protocols:
Session Layer uses some protocols which are required for safe, secure and accurate
communication which exists between two-ender user applications.
Following are some of the protocols provided or used by the Session Layer –
 AppleTalk Data Stream Protocol (ADSP): ADSP is that type of protocol which was
developed by Apple Inc. and it includes a number of features that allow local area
networks to be connected with no prior setup. This protocol was released in 1985.
This protocol rigorously followed the OSI model of protocol layering. ADSP itself has
two protocols named: AppleTalk Address Resolution Protocol (AARP) and Name
Binding Protocol (NBP), both aimed at making system self-configuring.
 Real-time Transport Control Protocol (RTCP): RTCP is a protocol which provides
out-of-band statistics and control information for an RTP (Real-time Transport
Protocol) session. RTCP’s primary function is to provide feedback on the quality of
service (QoS) in media distribution by periodically sending statistical information such
as transmitted octet and packet counts or packet loss to the participants in the streaming
multimedia session.
 Point-to-Point Tunneling Protocol (PPTP): PPTP is a protocol which provides a
method for implementing virtual private networks. PPTP uses a TCP control channel
and a Generic Routing Encapsulation tunnel to encapsulate PPP (Point-to-Point
Protocol) packets This protocol provides security levels and remote access levels
comparable with typical VPN (Virtual Private Network) products.
 Password Authentication Protocol (PAP): Password Authentication Protocol is a
password-based authentication protocol used by Point to Point Protocol (PPP) to
validate users. Almost all network operating systems, remote servers support PAP. PAP
authentication is done at the time of the initial link establishment and verifies the
identity of the client using a two-way handshake (Client-sends data and server in return
sends Authentication-ACK (Acknowledgement) after the data sent by client is verified
completely).
 Remote Procedure Call Protocol (RPCP): Remote Procedure Call Protocol (RPCP) is
a protocol that is used when a computer program causes a procedure (or a sub-routine)
to execute in a different address space without the programmer explicitly coding the
details for the remote interaction. This is basically the form of client-server interaction,
typically implemented via a request-response message-passing system.
 Sockets Direct Protocol (SDP): Sockets Direct Protocol (SDP) is a protocol that
supports streams of sockets over Remote Direct Memory Access (RDMA) network
fabrics.
The purpose of SDP is to provide an RDMA-accelerated alternative to the TCP
protocol. The primary goal is to perform one particular thing in such a manner which is
transparent to the application.

6. Presentation Layer
Presentation Layer is the 6th layer in the Open System Interconnection (OSI) model. This
layer is also known as Translation layer, as this layer serves as a data translator for the
network. The data which this layer receives from the Application Layer is extracted and
manipulated here as per the required format to transmit over the network. The main
responsibility of this layer is to provide or define the data format and encryption. The
presentation layer is also called as Syntax layer since it is responsible for maintaining the
proper syntax of the data which it either receives or transmits to other layer(s).
Functions of Presentation Layer:
The presentation layer, being the 6th layer in the OSI model, performs several types of
functions, which are described below-

 Presentation layer format and encrypts data to be sent across the network.
 This layer takes care that the data is sent in such a way that the receiver will understand
the information (data) and will be able to use the data efficiently and effectively.
 This layer manages the abstract data structures and allows high-level data structures
(example- banking records), which are to be defined or exchanged.
 This layer carries out the encryption at the transmitter and decryption at the receiver.
 This layer carries out data compression to reduce the bandwidth of the data to be
transmitted (the primary goal of data compression is to reduce the number of bits which
is to be transmitted).
 This layer is responsible for interoperability (ability of computers to exchange and
make use of information) between encoding methods as different computers use
different encoding methods.
 This layer basically deals with the presentation part of the data.
 Presentation layer, carries out the data compression (number of bits reduction while
transmission), which in return improves the data throughput.
 This layer also deals with the issues of string representation.
 The presentation layer is also responsible for integrating all the formats into a
standardized format for efficient and effective communication.
 This layer encodes the message from the user-dependent format to the common format
and vice-versa for communication between dissimilar systems.
 This layer deals with the syntax and semantics of the messages.
 This layer also ensures that the messages which are to be presented to the upper as well
as the lower layer should be standardized as well as in an accurate format too.
 Presentation layer is also responsible for translation, formatting, and delivery of
information for processing or display.
 This layer also performs serialization (process of translating a data structure or an
object into a format that can be stored or transmitted easily).
Features of Presentation Layer in the OSI model: Presentation layer, being the 6th layer
in the OSI model, plays a vital role while communication is taking place between two
devices in a network.
List of features which are provided by the presentation layer are:

 Presentation layer could apply certain sophisticated compression techniques, so fewer

bytes of data are required to represent the information when it is sent over the network.
 If two or more devices are communicating over an encrypted connection, then this
presentation layer is responsible for adding encryption on the sender’s end as well as
the decoding the encryption on the receiver’s end so that it can represent the application
layer with unencrypted, readable data.
 This layer formats and encrypts data to be sent over a network, providing freedom from
compatibility problems.
 This presentation layer also negotiates the Transfer Syntax.
 This presentation layer is also responsible for compressing data it receives from the
application layer before delivering it to the session layer (which is the 5th layer in the
OSI model) and thus improves the speed as well as the efficiency of communication by
minimizing the amount of the data to be transferred.
Working of Presentation Layer in the OSI model :
Presentation layer in the OSI model, as a translator, converts the data sent by the
application layer of the transmitting node into an acceptable and compatible data format
based on the applicable network protocol and architecture. Upon arrival at the receiving
computer, the presentation layer translates data into an acceptable format usable by the
application layer. Basically, in other words, this layer takes care of any issues occurring
when transmitted data must be viewed in a format different from the original format. Being
the functional part of the OSI mode, the presentation layer performs a multitude (large
number of) data conversion algorithms and character translation functions. Mainly, this
layer is responsible for managing two network characteristics: protocol (set of rules) and
architecture.
Presentation Layer Protocols:
Presentation layer being the 6th layer, but the most important layer in the OSI model
performs several types of functionalities, which makes sure that data which is being
transferred or received should be accurate or clear to all the devices which are there in a
closed network. Presentation Layer, for performing translations or other specified
functions, needs to use certain protocols which are defined below:
 Apple Filing Protocol (AFP): Apple Filing Protocol is the proprietary network
protocol (communications protocol) that offers services to macOS or the classic macOS.
This is basically the network file control protocol specifically designed for Mac-based
platforms.
 Lightweight Presentation Protocol (LPP): Lightweight Presentation Protocol is that
protocol which is used to provide ISO presentation services on the top of TCP/IP based
protocol stacks.
 NetWare Core Protocol (NCP): NetWare Core Protocol is the network protocol which
is used to access file, print, directory, clock synchronization, messaging, remote
command execution and other network service functions.
 Network Data Representation (NDR): Network Data Representation is basically the
implementation of the presentation layer in the OSI model, which provides or defines
various primitive data types, constructed data types and also several types of data
representations.
 External Data Representation (XDR): External Data Representation (XDR) is the
standard for the description and encoding of data. It is useful for transferring data
between computer architectures and has been used to communicate data between very
diverse machines. Converting from local representation to XDR is called encoding,
whereas converting XDR into local representation is called decoding.
 Secure Socket Layer (SSL): The Secure Socket Layer protocol provides security to the
data that is being transferred between the web browser and the server. SSL encrypts the
link between a web server and a browser, which ensures that all data passed between
them remains private and free from attacks.

7. Application Layer

The Application Layer of OSI (Open System Interconnection) model, is the top layer in this
model and takes care of network communication. The application layer provides the
functionality to send and receive data from users. It acts as the interface between the user and
the application. The application provides services like file transmission, mail service, and
many more.

In this article we will explore the application layer in the OSI model, application layer
functions, the working of the application layer, and services provided by the application
layer.

What is an Application Layer

Application Layer is the topmost layer in the Open System Interconnection (OSI) model. This
layer provides several ways for manipulating the data (information) which actually enables
any type of user to access network with ease. This layer also makes a request to its bottom
layer, which is presentation layer for receiving various types of information from it.

The Application Layer interface directly interacts with application and provides common web
application services. This layer is basically highest level of open system, which provides
services directly for application process.

Functions of Application Layer

The Application Layer, as discussed above, being topmost layer in OSI model, performs
several kinds of functions which are requirement in any kind of application or
communication process. Following are list of functions which are performed by Application
Layer of OSI Model:

 Application Layer provides a facility by which users can forward several emails and it
also provides a storage facility.

 This layer allows users to access, retrieve and manage files in a remote computer.

 It allows users to log on as a remote host.

 This layer provides access to global information about various services.

  This layer provides services which include: e-mail, transferring files, distributing
results to the user, directory services, network resources and so on.

 It provides protocols that allow software to send and receive information and present
meaningful data to users.

 It handles issues such as network transparency, resource allocation and so on.

 This layer serves as a window for users and application processes to access network
services.

 Application Layer is basically not a function, but it performs application layer

functions.

 The application layer is actually an abstraction layer that specifies the shared
protocols and interface methods used by hosts in a communication network.

 Application Layer helps us to identify communication partners, and synchronizing

communication.

 This layer allows users to interact with other software applications.

 In this layer, data is in visual form, which makes users truly understand data rather
than remembering or visualize the data in the binary format (0’s or 1’s).

 This application layer basically interacts with Operating System (OS) and thus further
preserves the data in a suitable manner.

 This layer also receives and preserves data from it’s previous layer, which is
Presentation Layer (which carries in itself the syntax and semantics of the information
transmitted).

 The protocols which are used in this application layer depend upon what information
users wish to send or receive.

 This application layer, in general, performs host initialization followed by remote

login to hosts.

Working of Application Layer in OSI Model

The application layer in the OSI model generally acts only like the interface which is
responsible for communicating with host-based and user applications. This is in contrast with
TCP/IP protocol, wherein the layers below the application layer, which is Session Layer and
Presentation layer, are clubbed together and form a simple single layer which is responsible
for performing the functions, which includes controlling the dialogues between computers,
establishing as well as maintaining as well as ending a particular session, providing data
compression and data encryption and so on.

Working of Application Layer

 At first, client sends a command to server and when server receives that command, it
allocates port number to client.
  Thereafter, the client sends an initiation connection request to server and when server
receives request, it gives acknowledgement (ACK) to client through client has
successfully established a connection with the server.

 Therefore, now client has access to server through which it may either ask server to
send any types of files or other documents or it may upload some files or documents
on server itself.

Features Provided by Application Layer Protocols

To ensure smooth communication, application layer protocols are implemented the same on
source host and destination host.
The following are some of the features which are provided by Application layer protocols-

 The Application Layer protocol defines process for both parties which are involved in
communication.

 These protocols define the type of message being sent or received from any side
(either source host or destination host).

 These protocols also define basic syntax of the message being forwarded or retrieved.

 These protocols define the way to send a message and the expected response.

 These protocols also define interaction with the next level.

Services Provided by Application Layer

The services provided by application layer in OSI model are:

 It provides interface between user and application.

 It is used for remote login.

 It is used for file transfer.

 It is used for mail services and transfers.

 It is also used to transfer multimedia files.

 It is used for resource sharing.

 It is used for data synchronization.

 It is used for authentication services.

Application Layer Protocols

The application layer provides several protocols which allow any software to easily send and
receive information and present meaningful data to its users. The following are some of the
application layer protocols.

 TELNET: Telnet stands for Telecommunications Network. This protocol is used for
managing files over the Internet. It allows the Telnet clients to access the resources of
Telnet server. Telnet uses port number 23.
  DNS: DNS stands for Domain Name System. The DNS service translates the domain
name (selected by user) into the corresponding IP address. For example- If you
choose the domain name as www.abcd.com, then DNS must translate it as
192.36.20.8 (random IP address written just for understanding purposes). DNS
protocol uses the port number 53.

 DHCP: DHCP stands for Dynamic Host Configuration Protocol. It provides IP

addresses to hosts. Whenever a host tries to register for an IP address with the DHCP
server, DHCP server provides lots of information to the corresponding host. DHCP
uses port numbers 67 and 68.

 FTP: FTP stands for File Transfer Protocol. This protocol helps to transfer different
files from one device to another. FTP promotes sharing of files via remote computer
devices with reliable, efficient data transfer. FTP uses port number 20 for data access
and port number 21 for data control.

 SMTP: SMTP stands for Simple Mail Transfer Protocol. It is used to transfer
electronic mail from one user to another user. SMTP is used by end users to send
emails with ease. SMTP uses port numbers 25 and 587.

 HTTP: HTTP stands for Hyper Text Transfer Protocol. It is the foundation of the
World Wide Web (WWW). HTTP works on the client server model. This protocol is
used for transmitting hypermedia documents like HTML. This protocol was designed
particularly for the communications between the web browsers and web servers, but
this protocol can also be used for several other purposes. HTTP is a stateless protocol
(network protocol in which a client sends requests to server and server responses back
as per the given state), which means the server is not responsible for maintaining the
previous client’s requests. HTTP uses port number 80.

 NFS: NFS stands for Network File System. This protocol allows remote hosts to
mount files over a network and interact with those file systems as though they are
mounted locally. NFS uses the port number 2049.

 SNMP: SNMP stands for Simple Network Management Protocol. This protocol
gathers data by polling the devices from the network to the management station at
fixed or random intervals, requiring them to disclose certain information. SNMP uses
port numbers 161 (TCP) and 162 (UDP).

Application layer is the topmost layer in the OSI Model and acts as an interface between end
user software like a web browser (or any other application that needs network
communication) to send or receive data over network. By offering support for multiple
protocols like SMTP, FTP, SNMP and DHCP the stack helps in effective communication of
data. Everyone who is at network management and application development should also have
the idea about what are basic functions of Application Layer and Protocols.
 DATA SECURITY AND MANAGEMENT

Data is the most valuable asset for any organization, regardless of size or sector. Loss or
corruption of financial reports, business plans and intellectual property can bring even a
global enterprise to a standstill. Moreover, a wide range of compliance regulations mandate
the organization protect information in accordance with data security best practices.

Data security has become even more complicated with today’s hybrid environments.
Coordinated security management is essential to a range of critical tasks, including ensuring
that each user has exactly the right access to data and applications, and that no sensitive data
is overexposed.

What is data security

Data security, or information security, is the use of various types of controls to safeguard
content in both electronic and physical form. A detailed data security definition involves the
three foundational principles known as the CIA triad:
 Confidentiality — Organizations need to prevent unauthorized access to sensitive data.
Security measures include access control lists (ACLs), encryption, strong password policies,
multifactor authentication (MFA), configuration management, and monitoring and alerting.
 Integrity — Data needs to be safeguarded from improper erasure or modification. To verify
content authenticity and secure transactions, many organizations use digital signatures.
 Availability — Information must be available when needed. For example, your financial
database must be available for your accountants to process payment transactions. Availability
includes data resiliency, which involves ensuring that content can be swiftly recovered in the
event of a cyberattack, hardware failure or other adversity.

Why is data security important

Ensuring the security of data is vital for a wide range of vital business goals, including the
following:
 Ensuring operational continuity — Data security protection helps prevent disruptions to
business operations that can result from loss of data confidentiality, integrity or availability.
 Reducing financial risk — Data breaches can have severe financial repercussions beyond
business disruptions, including legal fees, compliance fines and long-term revenue losses due
to damaged customer trust.
 Meeting legal and compliance obligations — Failure to comply with data protection
regulations like GDPR and CCPA can result in hefty fines and lasting reputational damage.
 Protecting intellectual property (IP) — Robust data security helps organizations safeguard
their financial plans, designs, trade secrets and other valuable information from falling into
the wrong hands.

What is data security management

Data security management involves a variety of techniques, processes and practices for
keeping business data safe and inaccessible by unauthorized parties. Data security
management systems focus on protecting sensitive data, like personal information or
business-critical intellectual property. For example, data security management can involve
creating information security policies, identifying security risks, and spotting and assessing
security threats to IT systems. Another critical practice is sharing knowledge about data
security best practices with employees across the organization — for example, exercising
caution when opening email attachments.
 Data security threats and how to manage them
There are many different threats to data security, and they are constantly evolving, so no list
is authoritative. But here is the most common threats you need to keep an eye on and teach
your users about:

 Malware — Malware is malicious software developed to gain unauthorized access or cause

damage. Once malware infects one computer, it can spread quickly through the network.
Malware comes in a variety of forms, like viruses, worms, Trojan horses, spyware and
crimeware. Often malware spreads using its victim’s access rights, so it’s vital to limit each
user’s permissions to only the data and systems they need to do their job.
 DDoS attack — Distributed denial of service attacks attempt to make your servers unusable.
To mitigate the risk, consider investing in an intrusion detection system (IDS) or intrusion
prevention system (IPS) that inspects network traffic and logs potentially malicious activity.
 Phishing scams — This common social engineering technique attempts to trick users into
opening malicious attachments in phishing emails. Solutions include establishing a
cybersecurity-centric culture and using a tool to automatically block spam and phishing
messages so users never see them.
 Hackers — This is an umbrella term for the actors behind the attacks listed above.
 Third parties — Partners and contractors who lack sufficient network security can leave
interconnected systems open to attacks, or they can directly misuse the permissions they’ve
been granted in your IT environment.
 Malicious insiders — Some employees steal data or damage systems deliberately, for
example, to use the information to set up a competing business, sell it on the black market or
take revenge on the employer for a real or perceived problem.
 Mistakes — Users and admins can also make innocent but costly mistakes, such as copying
files to their personal devices, accidently attaching a file with sensitive data to an email, or
sending confidential information to the wrong recipient.

Data protection best practices

To build a layered defense strategy, it’s critical to understand your cybersecurity risks and
how you intend to reduce them. It’s also important to have a way to measure the business
impact of your efforts, so you can ensure you are making appropriate security investments.

Operational best practices

 Use compliance requirements as cybersecurity basics. Simply put, compliance regulations
are designed to force companies defend against major threats and protect sensitive data.
Although meeting compliance requirements is not sufficient for complete data security, it will
help you get started on the right path to risk management and data protection.
 Have a clear cybersecurity policy. Create a policy that clearly explains how sensitive data is
to be handled and the consequences for violating your data protection Making sure all
employees read and understand the policy will reduce the risk that critical data will be
damaged or lost due to human actions.
 Build and test a backup and recovery plan. Companies must prepare for a range of breach
scenarios, from minor data loss to complete data center destruction. Ensure that critical data
is encrypted, backed up and stored offline. Set up roles and procedures that will speed
recovery, and test every part of the plan on a regular schedule.
 Have a bring-your-own-device (BYOD) policy. Allowing users to access your network
with their personal devices increases the risk of a cybersecurity Therefore, create processes
and rules that balance security concerns against convenience and productivity. For instance,
you can mandate that users keep their software up to date. Keep in mind that personal devices
are harder to track than corporate devices.
 Provide regular security training. Help your employees identify and avoid ransomware
attacks, phishing scams and other threats to your data and IT resources.
 Make cybersecurity talent retention a priority. Cybersecurity pros are a scarce commodity
today, so take steps to keep the talent you have. Invest in automated tools that eliminate
mundane daily tasks, so they can focus on implementing strong data security techniques to
combat evolving cyber threats.

Technical best practices

 Classify data based on its value and sensitivity. Get a comprehensive inventory of all the
data you have, both on premises and in the cloud, and classify it. Like most data security
methods, data classification is best when it’s automated. Instead of relying on busy
employees and error-prone manual processes, look for a solution that will accurately and
reliably classify sensitive data like credit card numbers or medical records.
 Conduct regular entitlement reviews. Access to data and systems should be based on the
least-privilege principle. Since user roles, business needs and the IT environment are
constantly changing, work with data owners to review permissions on a regular schedule.
 Run vulnerability assessments. Proactively look for security gaps and take steps to reduce
your exposure to attacks.
 Enforce a strong password policy. Require users to change their credentials quarterly and
use multifactor authentication. Since administrative credentials are more powerful, require
them to be changed at least monthly. In addition, do not use shared admin passwords, since
that makes it impossible to hold individuals accountable for their actions.

Data security tools

 Firewalls — Firewalls prevent undesirable traffic from entering the network. Depending on
the organization’s firewall policy, the firewall might completely disallow some traffic or all
traffic, or it might perform a verification on some or all of the traffic.
 Backup and recovery — As noted earlier, you need reliable backup and recovery in case
data is altered or deleted accidentally or deliberately.
 Antivirus software — This provides a critical first line of defense by detecting and blocking
trojans, rootkits and viruses that can steal, modify or damage your sensitive data.
 IT auditing — Auditing all changes in your systems and attempts to access critical data
enables you proactively spot issues, promptly investigate incidents and ensure individual
accountability.

Advanced security tools

 Data discovery and classification — Data discovery technology scans data repositories to
locate all data. Data classification uses the discovery findings and tags sensitive data with
specific labels so you can protect enterprise data in accordance with its value to the
organization and reduce the risk of improper data exposure.
 Data encryption — Encryption makes data useless for malicious actors. Software-based data
encryption secures data before it is written to the SSD. In hardware-based encryption, a
separate processor is dedicated to encryption and decryption in order to safeguard sensitive
data on a portable device, such as a laptop or USB drive.
 Data loss prevention (DLP) — These data security products and techniques help prevent
sensitive or critical information from leaving the corporate network, thereby helping to
protect it from being lost, misused or accessed by unauthorized people.

 Dynamic data masking (DDM) — DDM supports real-time masking of data in order to
limit exposure of sensitive content to non-privileged users without changing the original data.
Interest in DDM is especially high in big data projects.
 User and entity behavior analytics (UEBA) — UEBA is a complex technology for
baselining normal activity and spotting suspicious deviations before they impact security or
business continuity. UEBA can help you detect multiple types of threats, including insider
threats, hackers, malware and ransomware.
Data network management
Data network management is the process of administering, managing, and operating a
data network. It involves securing, maintaining, and optimizing the network. Network
management systems use both hardware and software components to continuously collect
data, which businesses can analyze and use to improve network reliability, security, and
performance. Network management also involves orchestrating network traffic and data
flow across the enterprise ecosystem.

Fault tolerance is the ability of a system to maintain proper operation despite failures or
faults in one or more of its components. This capability is essential for high-availability,
mission-critical, or even life-critical systems.

Fault management is the component of network management that detects, isolates and
fixes problems. When properly implemented, network fault management can keep
connectivity, applications and services running at an optimal level, provide fault tolerance
and minimize downtime.

Account Data Management refers to specialized tools or platforms that help businesses
effectively manage and organize their account-related information. This software is
deployed in marketing and sales departments to maximize the efficiency of marketing efforts
and facilitate communication between the two organizations. By implementing COA in a
Master Data Management (MDM) system, you can manage the accounts as a catalog of
hierarchically ordered reference data. Each account in the chart of accounts is typically
assigned a name, a brief description, and a unique identification number.

Network performance management encompasses the processes and practices involved in

monitoring, measuring, and optimizing the performance of computer networks. It aims
to ensure that networks operate efficiently, deliver data reliably, and meet the performance
expectations of users and applications.

Simple Network Management Protocol (SNMP)

Simple Network Management Protocol (SNMP) is a widely used protocol for network
management that provides a standardized framework for monitoring and managing network
devices such as routers, switches, servers, and printers. It operates within the application
layer of the Internet protocol suite and allows network administrators to manage network
performance, find and solve network problems, and plan for network growth.
What is Simple Network Management Protocol (SNMP)
Simple Network Management Protocol (SNMP) is an Internet Standard protocol used for
managing and monitoring network-connected devices in IP networks. SNMP is an
application layer protocol that uses UDP port number 161/162.SNMP is used to monitor the
network, detect network faults, and sometimes even to configure remote devices.
Components of SNMP
There are mainly three main components of SNMP:
 SNMP Manager: It is a centralized system used to monitor the network. It is also
known as a Network Management Station (NMS). A router that runs the SNMP server
program is called an agent, while a host that runs the SNMP client program is called a
manager.
 SNMP agent: It is a software management software module installed on a managed
device. The manager accesses the values stored in the database, whereas the agent
maintains the information in the database. To ascertain if the router is congested or not,
for instance, a manager can examine the relevant variables that a router stores, such as
the quantity of packets received and transmitted.
 Management Information Base: MIB consists of information on resources that are to
be managed. This information is organized hierarchically. It consists of objects
instances which are essentially variables. A MIB, or collection of all the objects under
management by the manager, is unique to each agent. System, interface, address
translation, IP, udp, and egp , icmp, tcp are the eight categories that make up MIB. The
mib object is home to these groups.

SNMP Messages
 GetRequest: It is simply used to retrieve data from SNMP agents. In response to this,
the SNMP agent responds with the requested value through a response message.
 GetNextRequest: To get the value of a variable, the manager sends the agent the
GetNextRequest message. The values of the entries in a table are retrieved using this
kind of communication. The manager won’t be able to access the values if it doesn’t
know the entries’ indices. The GetNextRequest message is used to define an object in
certain circumstances.
 SetRequest: It is used by the SNMP manager to set the value of an object instance on
the SNMP agent.
 Response: When sent in response to the Set message, it will contain the newly set value
as confirmation that the value has been set.
 Trap: These are the message sent by the agent without being requested by the manager.
It is sent when a fault has occurred.
 InformRequest: It was added to SNMPv2c and is used to determine if the manager has
received the trap message or not. It is the same as a trap but adds an acknowledgement
that the trap doesn’t provide.
Time to Live (TTL) is a computer networking term that refers to the lifespan of data on the
network. TTL determines how long a packet stays alive before the router discards it. Setting
the right TTL value is crucial for optimizing network performance and reliability.What is
Time to Live: TTL refers to a value set in the header of an Internet Protocol (IP) packet that
tells network devices the maximum number of router hops the packet can make before it is
discarded.
SNMP Security Levels
 noAuthNoPriv: This (no authentication, no privacy) security level uses a community
string for authentication and no encryption for privacy.
 authNopriv: This security level (authentication, no privacy) uses HMAC with Md5 for
authentication and no encryption is used for privacy.
 authPriv: This security level (authentication, privacy) uses HMAC with MD5 or SHA
for authentication and encryption uses the DES-56 algorithm.
Versions of SNMP
 SNMPv1: It uses community strings for authentication and uses UDP only. SNMPv1 is
the first version of the protocol. It is described in RFCs 1155 and 1157 and is simple to
set up.
 SNMPv2c: It uses community strings for authentication. It uses UDP but can be
configured to use TCP. Improved MIB structure elements, transport mappings, and
protocol packet types are all included in this updated version. However, it also makes
use of the current “community-based” SNMPv1 administrative structure, which is why
the version is called SNMPv2c. RFC 1901, RFC 1905, and RFC 1906 all describe it.
 SNMPv3: It uses Hash-based MAC with MD5 or SHA for authentication and DES-56
for privacy. This version uses TCP. Therefore, the conclusion is the higher the version
of SNMP, the more secure it will be. NMPv3 provides the remote configuration of
SNMP entities. This is the most secure version to date because it also includes
authentication and encryption, which may be used alone or in combination. RFC 1905,
RFC 1906, RFC 2571, RFC 2572, RFC 2574, and RFC 2575.6 are the RFCs for
SNMPv3.
Characteristics of SNMP
 SNMP is used to monitor network
 It detects any network faults
 Can also be used to configure remote devices.
 Allows a standardized way of collecting information about all kinds of devices from
various manufacturers among the networking industry.
Advantages of SNMP
 It is simple to implement.
 Agents are widely implemented.
 Agent level overhead is minimal.
 It is robust and extensible.
 Polling approach is good for LAN based managed object.
 It offers the best direct manager agent interface.
 SNMP meet a critical need.
Limitation of SNMP
 It is too simple and does not scale well.
 There is no object orietned data view.
 It has no standard control definition.
 It has many implementation specific (private MIB) extensions.
 It has high communication overhead due to polling
The Simple Network Management Protocol (SNMP) is an important protocol for managing
and monitoring network-connected devices in IP networks. It enables administrators to
effectively monitor network performance, discover and address errors, and configure
remote devices. While SNMP’s simplicity and popularity provide significant advantages, it
also has drawbacks, such as scalability concerns and high communication costs. Despite its
drawbacks, SNMP remains an important in network management.
Internet Message Control Protocol or Internet Control Message Protocol
The Internet Control Message Protocol (ICMP) is a network layer protocol used by
network devices to diagnose network communication issues. It is used to determine
whether or not data is reaching its intended destination in a timely manner. ICMP is most
frequently used in operating systems for networked computers, where it transmits error
messages. ICMP is used by network devices like routers for sending the error messages and
operations information.

What is ICMP used for

The primary purpose of ICMP is for error reporting. When two devices connect over the
Internet, the ICMP generates errors to share with the sending device in the event that any of
the data did not get to its intended destination. For example, if a packet of data is too large for
a router, the router will drop the packet and send an ICMP message back to the original
source for the data.
A secondary use of ICMP protocol is to perform network diagnostics; the commonly used
terminal utilities traceroute and ping both operate using ICMP. The traceroute utility is used
to display the routing path between two Internet devices. The routing path is the actual
physical path of connected routers that a request must pass through before it reaches its
destination. The journey between one router and another is known as a ‘hop,’ and a traceroute
also reports the time required for each hop along the way. This can be useful for
determining sources of network delay.

The ping utility is a simplified version of traceroute. A ping will test the speed of the
connection between two devices and report exactly how long it takes a packet of data to reach
its destination and come back to the sender’s device. Although ping does not provide data
about routing or hops, it is still a very useful metric for gauging the latency between two
devices. The ICMP echo-request and echo-reply messages are commonly used for the
purpose of performing a ping.

Unfortunately network attacks can exploit this process, creating means of disruption such as
the ICMP flood attack and the ping of death attack.

How does ICMP work

Unlike the Internet Protocol (IP), ICMP is not associated with a transport layer protocol such
as TCP or UDP. This makes ICMP a connectionless protocol: one device does not need to
open a connection with another device before sending an ICMP message. Normal IP traffic is
sent using TCP, which means any two devices that exchange data will first carry out a TCP
handshake to ensure both devices are ready to receive data. ICMP does not open a connection
in this way. The ICMP protocol also does not allow for targeting a specific port on a device.

What is an ICMP packet

An ICMP packet is a packet that uses the ICMP protocol. ICMP packets include an ICMP
header after a normal IP header. When a router or server needs to send an error message, the
ICMP packet body or data section always contains a copy of the IP header of the packet that
caused the error.

How is ICMP used in DDoS attacks

ICMP flood attack

A ping flood or ICMP flood is when the attacker attempts to overwhelm a targeted device
with ICMP echo-request packets. The target has to process and respond to each packet,
consuming its computing resources until legitimate users cannot receive service.

ICMP flood attack:

Ping of death attack

A ping of death attack is when the attacker sends a ping larger than the maximum allowable
size for a packet to a targeted machine, causing the machine to freeze or crash. The packet
gets fragmented on the way to its target, but when the target reassembles the packet into its
original maximum-exceeding size, the size of the packet causes a buffer overflow.

The ping of death attack is largely historical at this point. However, older networking
equipment could still be susceptible to it.

Smurf attack

In a Smurf attack, the attacker sends an ICMP packet with a spoofed source IP address.
Networking equipment replies to the packet, sending the replies to the spoofed IP and
flooding the victim with unwanted ICMP packets. Like the 'ping of death,' today the Smurf
attack is only possible with legacy equipment.

ICMP is not the only network layer protocol used in layer 3 DDoS attacks. Attackers have
also used GRE packets in the past, for instance.

Typically, network layer DDoS attacks target networking equipment and infrastructure, as
opposed to application layer DDoS attacks, which target web properties. Cloudflare Magic
Transit is one way to defend against network layer DDoS attacks.