Network Refresh Series – Part 3: Discovery and Documentation

Attribute

Details

Device Roles

Categorized into: Switches (Core, Distribution, Access), Routers (Edge, Branch), Firewalls (Perimeter, Internal), Wireless Controllers, Load Balancers

Make & Model

Manufacturer details and model numbers (e.g., Cisco Catalyst 9300, Palo Alto PA-3220, FortiGate 100F, Juniper EX3400)

OS / Firmware

Software version, build number, release notes cross-checked for compatibility and known vulnerabilities/bugs

Uptime & Last Reboot

Indicates device health and operational stability; correlated with config changes or outages

Location & Rack Info

Data center/branch location, building, floor, room, rack unit (RU), cabinet IDs

Labeling & Asset Tagging

Hostname labels, asset IDs, tag readability, and accuracy with CMDB or tracking sheet

Configuration Backup

Manual/automated (RANCID, Oxidized, Git, SolarWinds); schedule, backup location, and verification checks

Running Configuration

Versioned storage, access control, and alignment with last approved change request

Serial Numbers & Licensing

Serial numbers recorded and mapped to support contracts or smart licensing platforms

Power Feeds & Redundancy

UPS, PDU info, dual power supply check, circuit details, and failover readiness

Port & Interface Inventory

Interface counts, speeds (1G/10G/40G/100G), uplink types, unused ports

Hardware Modules

SFPs/GBICs, line cards, stacking cables, netflow/telemetry support cards

Photos

Front and rear photos of each device (including LED status, cabling, ports, power supplies)

Documentation Status

Rack elevation diagrams, wiring maps, device IP plan, and Layer 1/2/3 maps linked

Monitoring Status

Confirm SNMP setup, polling intervals, alert thresholds configured in monitoring tools

End-of-Life/End-of-Support

Lifecycle reports from vendor portals with refresh plan and risk matrix

Notes & Observations

Physical cleanliness, cabling hygiene, noise/temperature issues, field engineer feedback

Item

Details

Lifecycle Check

Vendor support status

Replacement Plan

Devices flagged for refresh

Contract Impact

Patch/feature availability, warranties

Item

Details

Access Controls

Console, SSH, Telnet settings

Passwords

Encryption types (Type 5, 9)

VTY Lines

Access from management subnets only?

SNMP

v2c vs v3, community strings/keys

Item

Details

License Type

Traditional vs Smart

Feature Sets

VPN, routing, SD-WAN, etc.

Subscription Expiry

Dates for firewalls, controllers, etc.

Item

Details

Stacking

StackWise, Virtual Chassis

Firewall Failover

Active/Active or Active/Standby

Redundancy

Fans, uplinks, PSUs

Gateway Redundancy

VRRP, HSRP setup

Item

Details

Unused Elements

VLANs, ACLs, interfaces

Policy Conflicts

Duplicate or overlapping policies

Hostnames

Naming standardization

System Configs

Logging, NTP, AAA, DNS, QoS

Banner

Compliance banners present

Item

Details

Resources

CPU, memory, temperature trends

Interfaces

Errors, discards, CRCs, flaps

Routing

BGP/OSPF flaps, adjacencies

Monitoring Tools

PRTG, SolarWinds, NetBox history

Attribute

Details

VLAN IDs

Example: VLAN 10 (Guest WiFi), VLAN 20 (VoIP), VLAN 30 (Corporate WiFi)

Purpose

Segmentation by function, department, access levels

Subnet Mapping

VLAN to subnet correlation

Security

VLAN ACLs, private VLANs for isolation

Spanning Tree

VLAN-specific root bridge roles and STP settings

Trunking

Native VLANs, allowed VLANs on trunks

Documentation

VLAN usage, change history, lifecycle tagging

Attribute

Details

IP Ranges

CIDR-based definitions per VLAN/site (e.g., 10.10.20.0/24 for VLAN 20)

DHCP Scopes

DHCP ranges, reserved IPs, exclusions, lease durations, scope utilization %, primary/backup DHCP servers

Static Assignments

Core infra devices (gateways, servers, printers), documented in IPAM or spreadsheet

Protocol

Key Info

OSPF

Areas, Router IDs, DR/BDR, Hello/Dead timers, Network Types, Authentication (plain/text or MD5), LSDB summary

BGP

AS numbers (local/remote), Neighbor relationships, Path attributes (Local Preference, MED, AS Path), Route maps, Prefix lists, Community tags, Route reflectors, Peering via VPN/MPLS

Static Routing

Used in edge, stub, or DMZ segments

Redistribution

Between BGP ↔ OSPF or Static ↔ Dynamic, with route filtering and tag management

Category

Attributes

Temp Sensors/HVAC

Make/model, IPs, VLANs, polling interval, thresholds for alerts, integration with BMS

Cameras/NVRs

IPs, VLAN, model, storage retention, access control, PoE status, firmware

Printers

Hostname, IPs, VLAN, print server config, driver/firmware version, user mapping

Access Control

Biometric/card systems, IPs, controller info, door mapping

UPS Monitoring

IP-based console access, SNMP integration, battery age, thresholds

Edge Compute

Raspberry Pi, Industrial PC details, containerized apps, OS version

Monitoring & Alerts

SNMP, HTTP API, MQTT for sensors, logging and notification mapping

Item

Details

ISP Providers

Primary, backup providers with service type (Broadband/MPLS/Leased Line)

Account Info

Circuit IDs, billing accounts, SLAs, escalation matrix

Bandwidth

Contracted vs actual, burstable limits, usage history, link saturation checks

Last Mile

Media type (fiber, copper, wireless), demarc location

Public IPs

IP blocks, NAT mapping, PTR records

Routing

BGP with ISP, static routes, dual-homing strategy

Outage History

Major incidents, RCA summaries

Area

Details

Physical/Virtual

Host OS, hypervisor type (VMware/Hyper-V), vCPU/Memory allocation

Patch Status

OS and app-level patch cadence, automation tools (WSUS, Ansible)

DNS/DHCP

Server roles, split DNS setup, forward/reverse zone delegation

Directory Services

AD domain structure, FSMO role holders, trust relationships

Backup Status

Backup tools (Veeam, Commvault), frequency, restore tests, offsite copies

Antivirus & EDR

Solution in place, policy applied, update status

Key Services

LDAP, RADIUS, File/Print, Remote Access, Licensing Servers

Attribute

Details

Peer Endpoints

Site names, public IPs, DNS names, geo-location

Tunnel Type

Site-to-site, Remote Access, DMVPN, GRE-over-IPsec

Phase 1 Settings

Encryption (AES-256), Hashing (SHA-2), DH group, Lifetime

Phase 2 Settings

Encryption domains, PFS settings, SA lifetimes

Authentication

PSK, RSA certs, certificate authority info

High Availability

Primary/backup peer config, Dead Peer Detection

Logs & Monitoring

Tunnel status, uptime, logs, SNMP/NetFlow integration

Vendor Contacts

SLA, after-hours support, portal credentials

Item

Details

Call Manager

Physical/Virtual, Version

QoS

DSCP EF, VLAN 20, Jitter Buffer

SIP

Trunks, URI, Phone models

Attribute

Details

SSIDs

Broadcast/non-broadcast, VLANs mapped

Auth Type

WPA2/WPA3 Personal vs Enterprise, RADIUS/NPS integration

AP Details

Make/model, firmware, mounted location, PoE consumption

Controller Info

On-prem/cloud-managed (e.g., Meraki, Aruba), redundancy

RF Coverage

Heatmaps, signal strength thresholds, noise levels

Channel Plan

2.4GHz (1,6,11), 5GHz/6GHz DFS settings

Band Steering

Enabled/disabled, client distribution patterns

Wireless QoS

WMM, VoIP prioritization

Guest Access

Captive portal, time-based access, isolation policies

Attribute

Details

Device Info

Model, location, calibration date

Alert Thresholds

Warning/critical values for temperature/humidity

Monitoring

Integration with NMS, polling frequency

Connectivity

SNMP, HTTP/HTTPS, MQTT

Power

PoE/non-PoE, backup power status

Logs

Alert history, environmental trends

Item

Details

Server IP/Port

E.g., 10.10.10.100:514 or :6514 TLS

Retention

30d for switches/routers, 1y for firewalls

Device

Metrics

Threshold

Core Switches

CPU, Temp

>70% CPU (5 min)

Firewalls

Sessions, VPN tunnels

>80% table

Routers

BGP peer, latency

Peer down = alert

SNMP Version

v2c or v3 (RO strings, auth users)

API

Cisco DNA, Meraki

Polling

1m critical, 5m edge

Item

Check

Hardware

RAID, SMART errors

Services

DNS, DB, App (e.g., Apache, Exchange)

Rules

Disk >85%, Apache down, SQL deadlocks

Attribute

Details

Device Types

Desktops, laptops, thin clients, mobile devices (phones/tablets), BYOD vs. corporate-issued

Operating Systems

Windows, macOS, Linux, ChromeOS; versions in use, update compliance

Patch Management

WSUS, Intune, JAMF, SCCM, third-party patch coverage (Adobe, Java)

Endpoint Protection

Antivirus/EDR agents, real-time protection, last scan date, definition update status

Local Admin Rights

Control policies, exception tracking, audit logs

User Mapping

Username-device association, department tagging, AD join status

Software Inventory

Installed apps list per device, license usage, version tracking

Remote Access Tools

VPN client, RDP settings, remote desktop agents (e.g., AnyDesk, TeamViewer)

Asset Lifecycle

Procurement date, warranty/AMC status, refresh cycle plans

Monitoring Agents

Endpoint telemetry tools (CrowdStrike, Nexthink, SysTrack), performance & health data

Drive Encryption

BitLocker/FileVault status, key escrow policies

Data Backup

Folder redirection, cloud sync (OneDrive/Google Drive), endpoint backup tools

Compliance

DLP policies, USB device control, GDPR/SOX adherence checks

WiFi Usage

Access point affinity, roaming patterns, WiFi drivers

Support Channels

Helpdesk system (Jira, Freshservice, ServiceNow), asset tickets linked to user/device

Category

Details

Internal IT Teams

Names, phone, email, areas of ownership, shift schedules

On-Site Contacts

Site engineers, floor managers, weekend support

Escalation Matrix

L1, L2, L3 contacts for all infrastructure areas

Vendors

ISP, Firewall, WiFi, Core Switch OEMs – contacts, support contracts

Partner Support

System integrators, managed service providers, renewal contacts

Incident Contacts

Security team, compliance, legal advisors for major outages

Category

Checklist / Description

Photographic Documentation

– Front and rear images of every network device (switches, routers, firewalls, APs, PDUs, etc.)

– Zoomed-in shots of serial numbers, model stickers, and licensing labels

– LED status indicators showing operational state (green/orange/blinking)

Cabling & Patch Panels

– Detailed photos of cable paths, color codes, and cable types

– Patch panel-to-switch port mapping and label clarity

– Fiber trays, splice points, termination enclosures, and tray IDs

– Power cabling to PDU, UPS, and device power supplies

Rack Elevation & RU Mapping

– Front and rear full rack elevation photos

– RU allocation diagram (what’s occupying which space)

– Identify empty/unused RU slots for planning

– Photos showing grounding straps and bonding points

Serials & Asset Tags

– Cross-check serial numbers against asset list and warranty records

– Ensure hostname labels match documented names

Physical Security Measures

– Cabinet lock type (e.g., tubular, combination), key numbers if applicable

– Access control features: biometric readers, keypads, or RFID readers

– Presence of tamper-evident seals on core or sensitive devices

Environmental Controls

– Photos and logs of temperature and humidity gauges

– Location and type of fire suppression systems (FM200, Novec, etc.)

– Check airflow direction and fan/filter cleanliness

Electrical Circuit Mapping

– Document every power circuit feeding the rack: panel number, breaker number, breaker rating (A)

– Photograph breaker panel labels before making changes

Power Chain Evidence

– Photograph UPS units, model numbers, and LCD displays

– Confirm input/output feeds for UPS and PDU

– Record PDU model, port count, and load capacity

– Note battery expiry dates for UPS and battery backup units

Grounding & Electrical Verification

– Ensure all racks are properly grounded

– Check for grounding straps between rack, PDU, and cable trays

– Capture manufacturer’s grounding instructions if available

Capacity Planning Inputs

– Note available power headroom (amps, kVA)

– Free RU space for expansion

– Identify thermal hotspots and power constraints

Vendor Paperwork

– Store hard copies or scanned copies of: rack layouts, vendor designs, warranty papers, MSA/MSRs, hardware BOMs, and support contracts