Definition

session layer

By

Gavin Wright
Andrew Froehlich, West Gate Networks

What is session layer?

The session layer is Layer 5 of the OSI communications model. It is the long-lived logical connection that persists between endpoints over time. A single session is all the back-and-forth communication between two endpoints. It helps a protocol to be more consistent and reliable. The TCP/IP protocol does not have a separate session layer, but it's functionality can be present in the TCP/IP application layer.

The session layer sits between the transport and the presentation layer in the OSI model. The transport layer consists of short-lived bursts of data, typically in packets. The transport layer isn't concerned if the computers are already in communication or not, it simply sends packets back and forth. The session layer organizes this start and stop traffic into an overall session between the two endpoints with a specific start and end point. The session layer then gives the coherent data it collected to the presentation layer.

Chart showing OSI model Layer 5 — The session layer, Layer 5 in the OSI communications model, is between the transport and the presentation layers.

The session layer is important for the internet to function because it can save bandwidth and processing power. Encrypted communication between two endpoints typically takes a lot of processing power at startup to create and send the shared secrets. By maintaining the single session between endpoints the same secrets can be used for some time. If there was no long-lived session, they would need to do the same expensive start up process each time they wanted to send a packet of data, which would be slow and take a lot of processing power to do.

Authentication can happen at the start of a session. Then all communication within that session could be considered as coming from the same source, without needing to re-authenticate for every sent data packet.

The session layer can contain checkpoints in the data to be transmitted. If the sent data were to be lost or corrupted during transmission, only the newest data since the last checkpoint would need to be retransmitted. This saves on the total amount of data transmitted. It also insulates the higher-level systems from being aware of low-level data transmission problems.

To help understand the session layer, imagine two people at a party. They would typically say hello to each other at the start of the party, initiating a long session between the two of them. The length of the conversation between when they say hello and goodbye would be one session. The sentences they say back and forth would be the transport layer; they could even talk about different topics, similar to the application layer. A single session could even be momentarily interrupted; perhaps one person stops to talk to someone else, but then goes back to talking to the original person again and continues the conversation without another greeting. When they say goodbye, it would end the session. Maybe much later they bump into each other and then say hello again, starting a new session.

The session layer is important in media streams. IT can help to combine separate data streams, such as one for audio and one for video, into a single session. This can be controlled with high-level protocols, such as the Session Initiation Protocol (SIP).

Chart showing how Session Initiation Protocol (SIP) works — Important in media streams, the session layer can help to combine separate data streams into a single session through high-level protocols such as the Session Initiation Protocol (SIP).

TCP/IP and the session layer

The OSI model is a theoretical construct of how communication between systems can be understood. It does not directly relate to any specific implementation. TCP/IP, on the other hand, is a practically implemented protocol that is used in modern computer networks and on the internet.

TCP/IP does not contain a specific session layer. Instead the functionality of the OSI session, presentation and application layers are all combined into the single TCP/IP application layer. So, any session functionality present on a TCP/IP network must be implemented on a higher-level protocol that lives on top of TCP/IP.

Session layer protocols

There are several different session layer protocols, including the following:

AppleTalk Data Stream Protocol (ADSP) and AppleTalk Session Protocol (ASP) (Deprecated).
H.245.
ITU X.225.
Layer 2 Forwarding (L2F) and Layer 2 Tunneling Protocol (L2TP).
Network Basic Input/Output System (NetBIOS).
Point-to-Point Tunneling Protocol (PPTP).
Real-time Transport Control Protocol (RTCP).
Remote Procedure Call (RPC).
Session Control Protocol (SCP).
SIP
SOCKS Proxy.

Learn how to identify and prevent OSI model Layers 4 to 7 security risks.

This was last updated in April 2023

Continue Reading About session layer

12 common network protocols and their functions explained

Choosing between an SSL/TLS VPN vs. IPsec VPN

9 most common network issues and how to solve them

Intro to encapsulation and decapsulation in networking

Prepare your answers for 15 server and networking interview questions

Dig Deeper on Cloud and data center networking

Search Unified Communications

UCaaS vs. CCaaS vs. CPaaS: What's the difference?
It can be difficult to make sense of popular cloud communications service models. Compare UCaaS vs. CCaaS vs. CPaaS to understand...
5 steps to address hybrid meeting equity
Taking the steps necessary to ensure that employees can attend meetings, regardless of location, takes time, but new tools can ...
Hybrid meeting technology helps AV teams address equity
Ensuring remote and in-office workers share the same meeting experience is a constant challenge. Vendors are helping companies ...

Search Mobile Computing

5 top mobile security courses and certifications for IT
To stay on top of new threats, IT pros can test their skills with mobile security training. Explore the top programs to learn ...
How to incorporate smishing into security awareness training
Smishing is a major threat on enterprise smartphones, but users might not know how it compares to traditional email phishing. IT ...
Building mobile security awareness training for end users
Do concerns of malware, social engineering and unpatched software on employee mobile devices have you up at night? One good place...

Search Data Center

Dell Technologies pitches its hardware for AI data centers
Servers, networking and storage hardware take center stage at Dell Technologies World 2025, as well as a tightly integrated ...
Single-tenant vs. multi-tenant cloud architecture
Single-tenant and multi-tenant cloud architecture offer unique advantages and disadvantages. Understanding both is crucial for ...
Nutanix platform may benefit from VMware customer unrest
Nutanix's Next 2025 conference attendees are jumping ship to the platform after Broadcom's VMware buy, as Nutanix executives plan...

Search ITChannel

AWS Marketplace channel partners rev software, service sales
Partners are building a new route to market on AWS Marketplace. One has surpassed $1 billion in total sales and another expects ...
Guide to building and executing an MSP business model
This managed service guide provides an overview of the business model, covers the basics of building a service provider business ...
Partner's Apple Watch referee app lets NHL stripes keep focus
Presidio designed the NHL Watch Comms App to sync with a hockey arena's game and penalty clocks and use haptic notifications to ...

Close