The OSI model OSI 模型
So far in this section of the course, you learned about the components of a network, network devices, and how communication occurs across a network. You also studied the TCP/IP model to understand how network communication is organized across different layers of the internet.
到目前為止,在本課程的這一部分中,你學習了網路的組成部分、網路設備以及如何在網路中進行通信。你還研究了 TCP/IP 模型,以了解網路通信如何在互聯網的不同層次上組織。
All communication on a network is organized using network protocols. Previously, you learned about the Transmission Control Protocol (TCP), which establishes connections between two devices, and the Internet Protocol (IP), which is used for routing and addressing data packets as they travel between devices on a network. These protocols are used on specific internet layers in the TCP/IP model. The 4-layer TCP/IP model is a condensed form of the OSI (open Systems Interconnection) model, which is made up of 7 layers. The OSI model will provide a more in depth understanding of the processes that occur at each layer. We will work backwards from layer seven to layer one, going from the processes that involve direct user interaction with the network to those that involve the physical connection to the internet via network components like cables and switches. This reading will also review the main differences between the TCP/IP and OSI models.
網路上的所有通訊都是使用網路協定來組織的。之前,你已經學習過傳輸控制協定(TCP),它用於在兩個設備之間建立連接,以及網際網路協定(IP),用於在網路上設備之間傳輸數據包時進行路由和尋址。這些協定在 TCP/IP 模型中的特定網際層上使用。四層的 TCP/IP 模型是開放系統互連(OSI)模型的簡化版本,OSI 模型由七層組成。OSI 模型將提供對每一層發生的過程更深入的理解。我們將從第七層倒退到第一層,從涉及用戶直接與網路互動的過程到涉及通過電纜和交換機等網路組件與網際網路的物理連接的過程。本閱讀材料還將回顧 TCP/IP 和 OSI 模型之間的主要差異。
The TCP/IP model vs. the OSI model
TCP/IP 模型與 OSI 模型
The TCP/IP model is a framework used to visualize how data is organized and transmitted across a network. This model helps network engineers and security analysts conceptualize processes on the network and communicate where disruptions or security threats occur.
TCP/IP 模型是一個用來視覺化數據如何在網路中組織和傳輸的框架。這個模型幫助網路工程師和安全分析師概念化網路上的過程,並溝通中斷或安全威脅發生的位置。
The TCP/IP model has four layers: the network access layer, internet layer, transport layer, and application layer. When analyzing network events, security professionals can determine what layer or layers an attack occurred in based on what processes were involved in the incident.
TCP/IP 模型有四個層:網路存取層、網際網路層、傳輸層和應用層。在分析網路事件時,安全專業人員可以根據事件中涉及的過程來確定攻擊發生在哪一層或多層。
The OSI model is a standardized concept that describes the seven layers computers use to communicate and send data over the network. Network and security professionals often use this model to communicate with each other about potential sources of problems or security threats when they occur.
OSI 模型是一個標準化的概念,描述了電腦在網路上進行通訊和傳輸數據時所使用的七層。網路和安全專業人士經常使用這個模型來互相交流,當問題或安全威脅發生時,討論潛在的問題來源。
Some organizations rely heavily on the TCP/IP model, while others prefer to use the OSI model. As a security analyst, it’s important to be familiar with both models. Both the TCP/IP and OSI models are useful for understanding how networks work.
有些組織非常依賴 TCP/IP 模型,而另一些則偏好使用 OSI 模型。作為一名安全分析師,熟悉這兩種模型是很重要的。TCP/IP 和 OSI 模型對於理解網路運作方式都很有幫助。
Layer 7: Application layer
第七層:應用層
The application layer includes processes that directly involve the everyday user. This layer includes all of the networking protocols that software applications use to connect a user to the internet. This characteristic is the identifying feature of the application layer—user connection to the internet via applications and requests.
應用層包含直接涉及日常使用者的過程。這一層包括所有軟體應用程式用來將使用者連接到互聯網的網路協議。這一特性是應用層的識別特徵——通過應用程式和請求將使用者連接到互聯網。
An example of a type of communication that happens at the application layer is using a web browser. The internet browser uses HTTP or HTTPS to send and receive information from the website server. The email application uses simple mail transfer protocol (SMTP) to send and receive email information. Also, web browsers use the domain name system (DNS) protocol to translate website domain names into IP addresses which identify the web server that hosts the information for the website.
在應用層發生的一種通訊類型的例子是使用網頁瀏覽器。網際網路瀏覽器使用 HTTP 或 HTTPS 來從網站伺服器發送和接收資訊。電子郵件應用程式使用簡單郵件傳輸協定(SMTP)來發送和接收電子郵件資訊。此外,網頁瀏覽器使用域名系統(DNS)協定將網站域名轉換為 IP 地址,以識別託管網站資訊的網頁伺服器。
Layer 6: Presentation layer
第六層:表示層
Functions at the presentation layer involve data translation and encryption for the network. This layer adds to and replaces data with formats that can be understood by applications (layer 7) on both sending and receiving systems. Formats at the user end may be different from those of the receiving system. Processes at the presentation layer require the use of a standardized format.
在表示層的功能涉及網路的數據翻譯和加密。此層會添加和替換數據為能夠被發送和接收系統上的應用程式(第 7 層)理解的格式。用戶端的格式可能與接收系統的格式不同。表示層的過程需要使用標準化的格式。
Some formatting functions that occur at layer 6 include encryption, compression, and confirmation that the character code set can be interpreted on the receiving system. One example of encryption that takes place at this layer is SSL, which encrypts data between web servers and browsers as part of websites with HTTPS.
在第 6 層發生的一些格式化功能包括加密、壓縮,以及確認字符代碼集能夠在接收系統上被解讀。此層進行加密的一個例子是 SSL,它在網站使用 HTTPS 時加密網頁伺服器和瀏覽器之間的數據。
Layer 5: Session layer 第 5 層:會話層
A session describes when a connection is established between two devices. An open session allows the devices to communicate with each other. Session layer protocols keep the session open while data is being transferred and terminate the session once the transmission is complete.
會話描述了兩個設備之間建立連接的時候。開啟的會話允許設備之間進行通信。會話層協議在數據傳輸期間保持會話開啟,並在傳輸完成後終止會話。
The session layer is also responsible for activities such as authentication, reconnection, and setting checkpoints during a data transfer. If a session is interrupted, checkpoints ensure that the transmission picks up at the last session checkpoint when the connection resumes. Sessions include a request and response between applications. Functions in the session layer respond to requests for service from processes in the presentation layer (layer 6) and send requests for services to the transport layer (layer 4).
會話層還負責身份驗證、重新連接和在數據傳輸期間設置檢查點等活動。如果會話中斷,檢查點確保在連接恢復時,傳輸從最後的會話檢查點繼續。會話包括應用程式之間的請求和回應。會話層中的功能響應來自表示層(第 6 層)進程的服務請求,並向傳輸層(第 4 層)發送服務請求。
Layer 4: Transport layer 第 4 層:傳輸層
The transport layer is responsible for delivering data between devices. This layer also handles the speed of data transfer, flow of the transfer, and breaking data down into smaller segments to make them easier to transport. Segmentation is the process of dividing up a large data transmission into smaller pieces that can be processed by the receiving system. These segments need to be reassembled at their destination so they can be processed at the session layer (layer 5). The speed and rate of the transmission also has to match the connection speed of the destination system. TCP and UDP are transport layer protocols.
傳輸層負責在設備之間傳遞數據。這一層還處理數據傳輸的速度、傳輸流量,以及將數據分解成較小的段以便於傳輸。分段是將大型數據傳輸分割成較小部分的過程,以便接收系統能夠處理。這些段需要在目的地重新組合,以便在會話層(第 5 層)進行處理。傳輸的速度和速率也必須與目的地系統的連接速度相匹配。TCP 和 UDP 是傳輸層協議。
Layer 3: Network layer 第 3 層:網路層
The network layer oversees receiving the frames from the data link layer (layer 2) and delivers them to the intended destination. The intended destination can be found based on the address that resides in the frame of the data packets. Data packets allow communication between two networks. These packets include IP addresses that tell routers where to send them. They are routed from the sending network to the receiving network.
網路層負責從資料鏈路層(第 2 層)接收幀並將其傳送到預定的目的地。預定的目的地可以根據位於資料包幀中的地址找到。資料包允許兩個網路之間的通信。這些資料包包含 IP 地址,告訴路由器應將其發送到哪裡。它們從發送網路路由到接收網路。
Layer 2: Data link layer
第 2 層:資料鏈路層
The data link layer organizes sending and receiving data packets within a single network. The data link layer is home to switches on the local network and network interface cards on local devices.
資料鏈路層負責在單一網路內組織發送和接收資料包。資料鏈路層是本地網路上的交換機和本地設備上的網路介面卡的所在地。
Protocols like network control protocol (NCP), high-level data link control (HDLC), and synchronous data link control protocol (SDLC) are used at the data link layer.
像網路控制協議(NCP)、高階資料鏈路控制(HDLC)和同步資料鏈路控制協議(SDLC)等協議在資料鏈路層中使用。
Layer 1: Physical layer 第 1 層:實體層
As the name suggests, the physical layer corresponds to the physical hardware involved in network transmission. Hubs, modems, and the cables and wiring that connect them are all considered part of the physical layer. To travel across an ethernet or coaxial cable, a data packet needs to be translated into a stream of 0s and 1s. The stream of 0s and 1s are sent across the physical wiring and cables, received, and then passed on to higher levels of the OSI model.
如其名稱所示,實體層對應於網路傳輸中涉及的實體硬體。集線器、調製解調器以及連接它們的電纜和線路都被視為實體層的一部分。為了在乙太網或同軸電纜上傳輸,數據包需要被轉換為 0 和 1 的流。這些 0 和 1 的流經由實體線路和電纜傳送、接收,然後再傳遞到 OSI 模型的更高層。
Key takeaways 關鍵要點
Both the TCP/IP and OSI models are conceptual models that help network professionals design network processes and protocols with regards to data transmission between two or more systems. The OSI model contains seven communication layers. Network and security professionals use the OSI model to communicate with each other about potential sources of problems or security threats when they occur. Network engineers and network security analysts use the TCP/IP and OSI models to conceptualize network processes and communicate the location of disruptions or threats.
TCP/IP 和 OSI 模型都是概念模型,幫助網路專業人員設計網路過程和協議,以便在兩個或多個系統之間進行數據傳輸。OSI 模型包含七個通信層。當問題或安全威脅發生時,網路和安全專業人員使用 OSI 模型來相互溝通潛在的問題來源或安全威脅。網路工程師和網路安全分析師使用 TCP/IP 和 OSI 模型來概念化網路過程,並溝通中斷或威脅的位置。