The fifth layer of the OSI Reference Model is the session layer. Since applications running on different hosts may need to establish a connection in order to operate, the session layer is responsible for setting up the connection. It is important to note that the session layer is responsible for communication between applications on hosts. The transport layer provides similar functionality, but is host-centric rather than application oriented.
The session layer provides three basic functions: creation of the connection, maintenance of the data transfer, and release of the connection. Creating and destroying connections is a fairly self-explanatory concept. When an application needs to establish a connection with another application, session layer protocols are responsible for creating the new connection and taking it down when the interaction is complete. During the data transfer, the session layer protocol can monitor the communication and ensure stable transfer. If the connection is broken, session restart is an option (Harris, 2008).
When a session layer protocol creates a session between two applications, it can support up to three communication modes. Simplex mode allows communication in only one direction. During the entire course of the session, one side is the receiver and the other is the sender. Half-duplex allows each side to communicate, but data can only be sent by one side at a time. While one application is sending, the other is receiving. Finally, full-duplex mode allows both sides to send and receive simultaneously (Harris, 2008).
Although many protocols operate in the session layer, end-users are not often aware of their presence. For example, many business users establish secure connections with their companies when working remotely. Examples of session layer protocols that provide this functionality include Layer 2 Tunneling Protocol (L2TP), Point-to-Point Tunneling Protocol (PPTP), and Secure Shell (SSH). Additionally, the International Organization for Standardization (ISO) designed the OSI Session Protocol (ISO-SP) to provide the functionality defined in the session layer (Dong, 2007).
There are two categories of network components that may operate in the session layer. Application gateways, also known as proxy servers, provide a layer of security between clients and servers. Clients establish sessions with the proxy server, and the proxy server makes a request to the application server on the client's behalf. The proxy server creates and manages two separate sessions and must ensure the data flows between the sessions appropriately (Whitman & Mattord, 2009). Session layer firewalls are relatively simplistic firewalls by today's standards. They provide basic security against network intrusion, but cannot stop more complicated application-based attacks. These devices are being replaced by more powerful firewalls that can use packet inspection to check for common attacks at the application layer (Magalhaes, 2008).
Dong, J. (2007). Network protocol handbook (4th ed.). Saratoga, CA: Javvin Press.
Harris, S. (2008). CISSP all-in-one exam guide (4th ed.). New York: McGraw-Hill.
Magalhaes, R. (2008). The difference between application and session layer firewalls. Retrieved September 2, 2009 from
Whitman, M. E. & Mattord, H. J. (2009). Principles of information security (3rd ed.). Boston: Thomson Course Technology.