Patrick Denis > Cisco > Standard Operating Procedure (SOP) Network & Wireless Infrastructure Assessment

Standard Operating Procedure (SOP) Network & Wireless Infrastructure Assessment

July 5, 2025 0 Comments

Cisco

Step-by-Step Process:

1.Network Infrastructure Assessment

1. Initial Preparation & Coordination

  • Schedule a kickoff call with stakeholders and onsite personnel to define the scope, business objectives, and constraints.
  • Confirm change windows, critical business applications, and acceptable downtime, if any.
  • Validate the remote access method is secure (VPN, jump host, MFA-enabled RDP/SSH).

2. Information Gathering

  • Ask the onsite techs to gather:
    • Rack layout and photos of physical topology
    • Cable labeling and patch panel info
    • Device model numbers and serials
    • Current ISP handoff info and demarc location
    • End Devices ( computers. laptops,phones,printers,scanners,cameras etc… )
  • Remotely collect:
    • Network diagrams (if available)
    • Running configurations of all routers, switches, firewalls
    • Inventory: Macs/ports, Interface status, VLANs, routing tables, NAT, ACLs, VPNs
    • Performance data (CPU/mem, link utilization, error counters)
    • Security posture (open ports, unused services, weak passwords)

3. Topology Mapping

  • Use gathered data to build a logical and physical topology.
  • Identify:
    • Core/distribution/access layer layout
    • Redundancy (HSRP/VRRP, LACP, dual-homed links)
    • WAN and remote site connectivity

4. Assessment

  • Evaluate:
    • Network design flaws (single points of failure, flat networks, poor segmentation)
    • Outdated firmware or hardware
    • Security risks (default credentials, unnecessary open ports, unencrypted protocols)
    • Compliance gaps (if regulated industry)
    • Scalability and capacity ( ports availability )

5. Define the Upgrade Plan

  • Prioritize issues (critical, high, medium, low).
  • Propose:
    • VLAN redesign or segmentation
    • IP addressing cleanup (summarization, DHCP strategy)
    • Routing optimization (static vs. dynamic, redistribution risk)
    • Firewall policy improvement
    • Redundancy and failover enhancement
    • Wireless coverage analysis

6. Test and Validate

  • Use tools like ping, traceroute, NetFlow, Wireshark, or SNMP polling to validate assumptions and monitor live behavior.
  • With on-site staff, test:
    • Port mappings
    • Cabling errors or mislabeling
    • Wi-Fi coverage

7. Documentation

  • Update or create:
    • Network topology maps
    • Device inventory
    • Configuration backups
    • Visio diagrams
    • Change management plans

8. Present Recommendations

  • Create a report or presentation for management:
    • Current state
    • Risks identified
    • Proposed roadmap (short-term and long-term)
    • Budget and timeline estimates

9. Plan for Implementation

  • Schedule change windows
  • Define rollback procedures
  • Stage configurations for deployment
  • Coordinate with site techs for physical tasks

2.Wireless Infrastructure Assessment

1. Initial Preparation & Coordination

  • Get floor plans and identify business-critical Wi-Fi zones (offices, warehouses, conference rooms).

2. Information Gathering

  • Physical photos of:
    • Network racks, patch panels
    • Wi-Fi AP placements (height, orientation)
  • Details on:
    • Mounting (ceiling vs. wall)
    • AP model numbers, PoE switches
    • Interference sources (microwaves, glass, metal, etc.)

Remotely:

  • Collect configurations from wireless controllers (Cisco WLC, Aruba, Meraki, etc.).
  • Pull data on:
    • SSIDs and VLAN mapping
    • Radio settings (2.4GHz vs. 5GHz/6GHz)
    • Channel planning and power levels
    • Client distribution per AP
    • Roaming behavior and authentication methods
    • DHCP lease stats and DNS/DHCP response times

3. Topology Mapping

  • Build full wired + wireless topology.
  • Identify:
    • Switch-to-AP PoE connections
    • Controllers
    • Redundancy in controller/WLC or failover strategies

4. Assessment Phase

Current Wi-Fi:

  • Use remote tools (e.g., Meraki dashboard, Aruba Central, Ekahau Cloud) to:
    • Identify coverage gaps and over-saturation
    • Check for channel overlap and co-channel interference
    • Review client connectivity issues and frequent roaming
    • Audit authentication (802.1X, PSK, Guest access segregation)

5. Site Survey – Predictive or Onsite

  • If tools are available onsite:
    • Have field techs use Ekahau Sidekick, NetAlly AirCheck, or Survey Pro to do passive/active site surveys
    • Map actual signal strength vs. expected coverage
    • Identify interference from neighboring APs or rogue devices
  • If remote only:
    • Use survey tools in Ekahau, Meraki, UniFi, or Mist dashboards

6. Recommendations

  • Propose changes such as:
    • AP repositioning or adding more APs
    • Adjusting Tx power and channels (manual vs. auto RRM)
    • Splitting SSIDs by access policy (corp, guest, BYOD)
    • Enabling band steering and fast roaming
    • Upgrading firmware and using WPA3 if possible
    • Increasing DHCP scope for dense environments

7. Testing and Validation

  • Onsite: Instruct technicians to validate SSID visibility, signal strength, roaming behavior.
  • Remote: Run ping/jitter tests from clients, capture logs during roaming events, check controller logs for disconnects or auth failures.

8. Documentation

  • Update:
    • Wireless and wired topology maps
    • SSID-to-VLAN mappings
    • AP inventory and placement plans
    • Change logs and risk matrix for wireless changes

9. Present Findings and Roadmap

  • Separate report sections for wired and wireless infrastructure.
  • Include:
    • Current state
    • Risks/gaps
    • Short/long-term upgrade plan
    • Estimated cost and timeline

Related Posts

Leave a Comment