🔐 Understanding Network Security Across the OSI Model – PNG Edition 🇵🇬


🗞️ BTC Daily Digest

Date: 17 June 2025

Vol.1 Series 8

🌐 OSI Model Overview (7 Layers)

Each layer of the OSI model handles a specific aspect of communication, from physical cables to user-facing applications. Let’s explore each layer and the security measures applied in PNG settings like ISPs, schools, SMEs, and government departments.


1️⃣ Physical Layer (Layer 1)

What it does: Deals with hardware – cables, switches, Wi-Fi signals.

Security Risks in PNG:

  • Cable tampering (especially in remote offices)
  • Unsecured wireless access in internet cafes or on campuses

Security Controls:

✅ Lock equipment in secured server rooms

✅ Use CCTV or access cards in ISP/data center environments

✅ Disable unused physical ports


2️⃣ Data Link Layer (Layer 2)

What it does: Controls data flow between two directly connected nodes.

Security Risks:

  • MAC spoofing in shared networks
  • VLAN hopping in corporate setups

Security Controls:

✅ Enable port security on switches (e.g., Huawei or Cisco devices used in PNG)

✅ Implement 802.1X network access control

✅ Use VLAN segmentation to isolate internal networks (common in banks and telcos)


3️⃣ Network Layer (Layer 3)

What it does: Handles IP addressing and routing.

Security Risks:

  • IP spoofing
  • Routing attacks (e.g., RIP attacks on misconfigured routers)

Security Controls:

✅ Use firewalls (e.g., Fortinet, pfSense, MikroTik in PNG SMEs)

✅ Configure ACLs (Access Control Lists) on routers

✅ Apply VPNs for secure remote access (especially for distributed teams in PNG)


4️⃣ Transport Layer (Layer 4)

What it does: Manages end-to-end communication, using TCP/UDP.

Security Risks:

  • TCP SYN flood (common in DDoS attacks)
  • Port scanning (used by hackers to find vulnerabilities)

Security Controls:

✅ Use firewall rules to restrict open ports

✅ Implement rate limiting and intrusion prevention systems (IPS)

✅ Block unused ports (common practice in government IT departments)
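
The sketch below is an added example, not part of the original article. It shows the kind of counting an IPS or rate limiter does to spot the two Layer 4 risks named above. The log format, the thresholds and the sample lines are all assumptions made up for the illustration; the addresses come from documentation ranges.

```python
from collections import defaultdict

def build_sample():
    """Constructed log lines: '<epoch_s> <src_ip> <dst_port> <S|A>'
    (S = SYN, A = the ACK that completes the handshake)."""
    lines = []
    for i in range(3):                      # normal client: completed handshakes
        lines += [f"{100 + i} 192.0.2.10 443 S", f"{100 + i} 192.0.2.10 443 A"]
    for port in range(20, 45):              # one source probing 25 different ports
        lines.append(f"101 198.51.100.7 {port} S")
    for i in range(60):                     # 60 SYNs to port 80 spread over 30 sources
        lines.append(f"{102 + i % 5} 203.0.113.{i % 30} 80 S")
    return lines

def detect(lines, window=10, port_limit=15, half_open_limit=30):
    """Flag scanning sources and flooded ports per time window (assumed thresholds)."""
    ports_by_src = defaultdict(set)         # (bucket, src) -> distinct ports that got a SYN
    half_open = defaultdict(int)            # (bucket, dst_port) -> SYNs minus completing ACKs
    for line in lines:
        ts, src, port, flag = line.split()
        bucket, port = int(ts) // window, int(port)
        if flag == "S":
            ports_by_src[(bucket, src)].add(port)
            half_open[(bucket, port)] += 1
        elif flag == "A":
            half_open[(bucket, port)] -= 1
    # Port scan: counted per source, because one host touches many ports.
    scanners = sorted({s for (_, s), p in ports_by_src.items() if len(p) >= port_limit})
    # SYN flood: counted per destination port, because sources may be spoofed.
    flooded = sorted({p for (_, p), n in half_open.items() if n >= half_open_limit})
    return {"scan_sources": scanners, "flooded_ports": flooded}

if __name__ == "__main__":
    print(detect(build_sample()))
```

Counting half-open connections per destination port rather than per source matters because a flood can arrive from many spoofed addresses, each of which stays under any per-source limit.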


5️⃣ Session Layer (Layer 5)

What it does: Manages sessions between applications.

Security Risks:

  • Session hijacking in web apps
  • Unprotected logins to internal systems

Security Controls:

✅ Use session tokens and timeout settings

✅ Implement multi-factor authentication (MFA) for user logins

✅ Avoid shared logins in school labs or office networks


6️⃣ Presentation Layer (Layer 6)

What it does: Formats and encrypts data.

Security Risks:

  • Intercepted or unencrypted sensitive data
  • Poor SSL/TLS setup on PNG-hosted websites

Security Controls:

✅ Always use HTTPS with valid SSL/TLS certificates

✅ Encrypt files at rest (e.g., using BitLocker or VeraCrypt)

✅ Use SFTP instead of FTP when transferring files


7️⃣ Application Layer (Layer 7)

What it does: Interfaces with user applications like email, browsers, etc.

Security Risks in PNG:

  • Phishing attacks via Gmail/Outlook
  • Malware from downloading cracked software
  • Social engineering targeting local SMEs

Security Controls:

✅ Use email filtering and awareness training

✅ Install endpoint protection (antivirus/firewall combo)

✅ Monitor traffic with Layer 7 firewalls or WAFs (Web Application Firewalls)


🛡️ Final Thoughts for PNG ICT Community

Security isn't just about firewalls – it's a layered approach, just like the OSI model. Whether you’re a student in Lae, a system admin in Port Moresby, or running a startup in Mt Hagen, understanding where threats occur and how to mitigate them is key to protecting PNG's growing digital infrastructure.


#CyberSecurityPNG #NetworkSecurity #OSIModelExplained #ICTinPNG #BakaTeBTC #PNGTechEducation #InfoSecPNG
