Howard M Cohen

Compelling Content Creator/hmc@hmcwritenow.com/520.779.0779

Jan 10, 2022
Published on: ModernMSP
1 min read

Keep the focus on the quality of your solution, keep customers from shopping your prices, and lead with what you do for your customer beyond what you sell them by bundling every project proposal.

This is especially true and even more important when the project is for improvements to their data and network security!

The Importance of an Every-Layer Solution

There’s a very applicable axiom here that reminds us any chain is only as good as its weakest link. Similarly, any security solution is only as good as its weakest layer.

In a recent post here in Modern MSP we discussed the seven-layered ISO/OSI networking model, in which data is entered into the network through software running on the Application layer. This application is running on a device-based operating system at the Presentation layer which is signed in through the Session layer. Data is moved from that user to another destination by the Transport layer which uses the Network layer to connect to that destination. This connects to the actual network via a network interface card at the Data-Link layer which, finally, connects to the actual cabling and wireless infrastructure at the Physical layer.

Putting that knowledge to good use, we can use the seven-layer model as a checklist when building a comprehensive bundled security solution for a customer.

Use the seven-layer model as a checklist when building a comprehensive bundled security solution for a customer

Security at the Physical Layer

The threat at the physical layer is, of course, physical. Network cables can accidentally or purposely be cut or unplugged. Power surges can bring down physical infrastructure. Properly equipped cyberthieves can intercept traffic by detecting electromagnetic waves emanating from unshielded cables. Solution? Use shielded cables and reinforce with even more shielding at vulnerable points.

Security at the Data-Link Layer

This layer involves the network interface cards and other devices that conduct packets from the physical cables into and out of the various devices on the network. Cyberthieves work to bypass LAN and VLAN protocols to identify the unique media access control (MAC) layer addresses assigned to every device. Once obtained they can be “spoofed” to gain access to vulnerable hosts. Authentication and encryption are useful tools in battling this.

Security at the Network Layer

Now the packets are addressed and routed to their intended destinations under strict control. Again, cybercriminals are attempting to spoof. This time they are focused on the assigned IP addresses to spoof them and their packets so the bad actor can appear to be legitimate when invading forbidden hosts. Strong firewalls play a big role here with routing and anti-spoofing filters.

Security at the Transport Layer

Welcome to traffic control in which segmentation and error controls govern the movement of data flowing through the network. The control is provided by Transmission Control Protocol (TCP). Once again effective firewalls combined with software to limit TCP and other transport control protocols is key.

Security at the Session Layer

The whole idea of networking involves interaction between local and remote nodes and applications. Connections must be created, managed, and then terminated on demand. Brute force attacks are often used to penetrate at this layer in an attempt to take advantage of inadequate authentication. The solution is strong, multi-factor authentication with carefully stored and protected encrypted passwords. Limits on the number of login attempts allowed also discourage attackers.

Security at the Presentation Layer

Applications and the network don’t always use identical data formats. Data is normalized at the Presentation layer to maintain steady communication and interaction between the Application layer and the rest of the network. Usually, the only attacks at this layer are malicious inputs that serve to crash the system or open the door for exploits. It helps to keep user input away from program control functions to minimize this.

Security at the Application Layer

Given that we have now arrived at the point closest to the user it’s a safe bet that this is the most vulnerable layer of all. In fact, there are so many potential exploits it would be impossible to describe them all here. The negative results include denial of service, applications falling under the control of bad actors, data corruption or theft, and more. Security begins with the application developers whose adherence to best security practices plays a huge part.

As you reviewed these vulnerabilities at every layer you probably thought about many different security solutions you’d apply. Remember that each different point solution brings with it deep investments in training and support. This is a major reason why “best-of-platform” is quickly supplanting “best-of-breed” in the minds of many integrators.

A Useful Exercise

It is unlikely that you’ve developed a favored solution at all seven layers. To create your checklist, start with the list of layers and then supply the names of the appropriate products or platform features you’d select at each layer. You may have to go survey what’s available to you to complete the checklist, but once you have you have a powerful guide to creating comprehensive trustworthy solutions for your customers that will further your reputation for excellence.

RELATED ARTICLES FOR MSPs

Building the Modern MSP Cybersecurity Bundle

The Cybersecurity services opportunity for MSPs continues to be a hot topic at all of the community events I’ve…

Ransomware