Project Information Collection Before Deployment

Network environment

Finalize the network architecture and design solution.

Network type: wired network, wireless network, or wired and wireless converged network

Determine whether there is a need to build a wireless network or upgrade the network into a wired and wireless converged network.

If unified authentication is required, the wired and wireless convergence solution is recommended.

Geographical distribution of the campus network: centralized or dispersed

Preliminarily determine the basic network architecture and specify the network planning for egress, backbone, core, and access networks. If the campus network is geographically centralized, consider using the single-core architecture. If the campus network is geographically dispersed, for example, multiple buildings with large network scale have heavy internal traffic between them, consider using multiple core or aggregation points.

Distribution of equipment rooms or extra-low voltage (ELV) rooms

If there are many ELV rooms or equipment rooms, deploy an aggregation point in each ELV room or equipment room. If the multi-core interconnection architecture is used, deploy multiple cores in different equipment rooms respectively. In addition, you also need to consider the device layout and distance between the devices.

Network environment

For wireless networks, check whether the networks are deployed in outdoor or indoor scenarios and identify surrounding interference factors (such as radar and non-Wi-Fi interference). Check the temperature and humidity, check whether there are special requirements for earthquake resistance, surge protection, and electricity protection, and specify the working environment of APs. Determine installation locations, placement angles, grounding conditions, and power supply modes of APs.

For wired networks, check power supply and heat dissipation conditions of the equipment room, and power supply capability of each rack. Ensure that the distance between devices meets the standard.

Site survey and network planning solutions

Check whether there are clear site survey and network planning solutions. A reliable network planning solution ensures the delivery quality of wireless networks.

Network services

Determine the network bandwidth and service features.

Common services: office, email, and Internet access

Normal office services have low requirements on network bandwidth (about 200 kbit/s), and common network access can meet such a requirement.

Key services: data, VoIP, video, and desktop cloud

Usually, a campus network is a LAN, so you do not need to consider the network delay. If VoIP, video, and desktop cloud services involve branch, metropolitan area network (MAN), or WAN connections, you need to take network delay into consideration. For the VoIP service, consider the following factors: whether a shared or independent network is deployed for PCs; whether PoE power supply is needed; the number and specification of switches.

For the desktop cloud service, consider the network reliability or availability.

For the video service, take full account of bandwidth requirements.

Multicast service

Design the corresponding multicast solution, if needed.

VIP services

Identify key service requirements and determine the solution compliance, including the authentication scheme, multicast service, and terminal location.

New services within the next 3 to 5 years

Design a smooth upgrade and capacity expansion solution to meet service development requirements within the next 3 to 5 years, avoiding a waste or lack of resources.

Service security

Determine service isolation and network security protection solutions.

Service security: service isolation and interoperability

Check whether network services need to be isolated, and whether they are isolated physically or logically.

To isolate network services physically, design independent networks for these services. To isolate network services logically, use technologies such as VLAN and VPN to virtualize one network into multiple campus networks.

In addition, consider whether interoperability is required between different services. If interoperability is required, make interoperability policies and solutions in advance.

Network security: external security protection

Determine whether there is a need to deploy security devices, such as firewall, intrusion prevention system (IPS), intrusion detection system (IDS), network log audit, and antivirus wall to protect the network border security.

If high network security is required, for example, a specific security level, independent security devices are recommended. Otherwise, integrated security devices such as Unified Threat Management (UTM) or security value-added service cards can be used.

Network security: internal security protection

The online behavior management software or dedicated device is recommended to prevent security incidents caused by internal users.

Network security: terminal security protection

Terminal security protection includes terminal access security and terminal security check. Determine whether the Network Admission Control (NAC) solution is required.

Network scale

Finalize the network architecture and design solution.

Device selection, device version, number of devices, and user scale

For wireless networks, determine WAC specifications, number of APs, and number of wireless users, pay attention to version matching relationships between APs of specific new models and WACs, and check whether there is a need for high-density access in some key areas (such as conference rooms).

For wired networks, check the type and number of wired terminals and the number of wired users. Check the user access rate and interface type to determine the switch model and quantity. Check basic functions (stack, VLAN, and routing protocols) of switches required by customers and advanced functions (SVF, iPCA, user authentication, authorization, and accounting, free mobility, service orchestration, zero-touch provisioning, and policy association), and ensure that the network solution meets customer's requirements on functions and reliability to determine the switch model and version.

Network scale in the next 3 to 5 years, or the highest growth rate in recent years

Take capacity expansion and smooth upgrade into consideration when designing the network interfaces, capacity, and bandwidth, to meet the service development needs in the next 3 to 5 years.

The network scale includes both the user scale (the number of users or terminals) and the service scale (type, bandwidth, quantity, and use scope of services).

Branch

Consider the mode for interconnection between the headquarters and branches. Does the headquarters need to use leased lines and Internet lines? Is link backup needed?

Determine the remote access mode based on the service application scenarios. The remote access can be SSL VPN for personal access or IPSec VPN for fixed branch access, or both.

Terminal type

Determine the network access solution.

Terminal type: laptops, smartphones, and mobile smart devices such as tablets

Consider the supported access frequency band (2.4 GHz or 5 GHz) and access capability (802.11a/b/g/n/ac/ac Wave 2).

Terminal authentication and accounting solution

Consider the access authentication mode and whether to use unified wired and wireless authentication. If the authentication server is involved, check whether there is a server redundancy solution and whether server concurrency performance is required. If a third-party authentication server is involved, check the product name and version.

Terminal access permission

Determine whether to allow guest access and access areas if allowed.

Dumb terminals: IP phones, network printers, and IP cameras

Determine the access and authentication solutions for these dumb terminals.

Other terminals: industrial control computers and test controllers

Consider model selection of access switches. For example, industrial switches may be required for industrial campuses or production networks. The power supply mode of devices may be affected in outdoor scenarios.

Special network devices: dedicated network encryption devices and industrial switches

Consider compatibility and performance of these devices to prevent specification mismatch.

Third-party compatibility

Identify compatibility risks.

Information about interconnected products and their versions

Identify compatibility risks, including third-party authentication servers, network management systems, security monitoring platforms, and special industry terminals.

Acceptance KPI

Specify acceptance KPIs.

Minimum acceptance KPIs evaluated based on service features

For wireless networks, specify the acceptance KPIs, such as ping packet delay, access or authentication success rate, and performance indicators of a single user or multiple users.

For wired networks, test functions to ensure that all services of customers run properly, test the reliability to ensure that the network can be quickly restored if a single point of failure occurs, and test performance to ensure concurrent authentication of terminals, high-quality phone calls, and smooth video playback without frame freezing. Understand the acceptance criteria acknowledged by the customers in advance.

Project background

Determine delivery responsibilities.

Historical issues

Collect historical maintenance problems on the live network before the replacement, and use the AirMagnet to collection information about network planning and optimization before device replacement required in major projects or NA projects.

Network pain points

Determine the reason of network migration and replacement.

Network speed: Whether the network is congested.

Determine the network bandwidth and specifications of devices.

Network quality: Services are frequently interrupted and the network is unstable.

Use a network management system or a piece of network analysis software to identify specific causes of network stability deterioration and take measures accordingly. For example, use products providing hardware-based operation, administration and maintenance (OAM) functions. In addition, analyze the network quality required by services based on the customer's industry characteristics to ensure that the network quality meets service needs.

Network environment

Finalize the network architecture and design solution.

Replacement devices on the live network

Specify devices to be replaced, devices to be reserved, and devices to be removed. Devices to be replaced can be referenced for the design of new device solution based on service conditions on the live network. For devices to be reserved, identify the third-party NMS, authentication servers, and corresponding versions to evaluate interconnection feasibility, and identify the protocols used by these devices to evaluate interconnection feasibility. For devices to be removed, check roles and functions of these devices, and evaluate the correctness of device configurations after the replacement.

Network type: wired network, wireless network, or wired and wireless converged network

Determine whether there is a need to build a wireless network or upgrade the network into a wired and wireless converged network.

If unified authentication is required, the wired and wireless convergence solution is recommended.

Geographical distribution of the campus network: centralized or dispersed

Preliminarily determine the basic network architecture and specify the network planning for egress, backbone, core, and access networks. If the campus network is geographically centralized, consider using the single-core architecture. If the campus network is geographically dispersed, for example, multiple buildings with large network scale have heavy internal traffic between them, consider using multiple core or aggregation points.

Distribution of equipment rooms or extra-low voltage (ELV) rooms

If there are many ELV rooms or equipment rooms, deploy an aggregation point in each ELV room or equipment room. If the multi-core interconnection architecture is used, deploy multiple cores in different equipment rooms respectively. In addition, you also need to consider the device layout and distance between the devices.

Network environment

For wireless networks, check whether the networks are deployed in outdoor or indoor scenarios and identify surrounding interference factors (such as radar and non-Wi-Fi interference). Check the temperature and humidity, check whether there are special requirements for earthquake resistance, surge protection, and electricity protection, and specify the working environment of APs. Determine installation locations, placement angles, grounding conditions, and power supply modes of APs.

For wired networks, check power supply and heat dissipation conditions of the equipment room, and power supply capability of each rack. Ensure that the distance between devices meets the standard. Check the height of devices to be replaced and replacement devices to ensure sufficient space for the rack.

Site survey and network planning solutions

Check whether there are clear site survey and network planning solutions. A reliable network planning solution ensures the delivery quality of wireless networks.

Network services

Determine the network bandwidth and service features.

Live network services

Check the running network protocols, network topology, device type, number of devices, and device configurations on the live network, obtain the live network quality and supported services, entries (routing entries, ARP entries, and MAC address entries) of network devices on the live network, as well as interface status. Such information can be used as a reference during the design.

Device function

For various reasons, some device functions may need to be added to the network after the replacement. Therefore, you need to verify whether license-controlled items such as MPLS, IPv6, NQA, native WAC, and PPPoE need to be deployed.

Common services: office, email, and Internet access

Normal office services have low requirements on network bandwidth (about 200 kbit/s), and common network access can meet such a requirement.

Key services: data, VoIP, video, and desktop cloud

Usually, a campus network is a LAN, so you do not need to consider the network delay. If VoIP, video, and desktop cloud services involve branch, metropolitan area network (MAN), or WAN connections, you need to take network delay into consideration. For the VoIP service, consider whether a shared or independent network needs to be deployed for PCs and whether PoE power supply is needed. These factors affect the number and specification of switches.

For the desktop cloud service, consider the network reliability or availability.

For the video service, take full account of bandwidth requirements.

Multicast service

Design the corresponding multicast solution, if needed.

VIP services

Identify key service requirements, and determine the solution compliance, service traffic volume, service direction, and reliability protection mechanism, including the authentication scheme, multicast service, and terminal location.

New services within the next 3 to 5 years

Design a smooth upgrade and capacity expansion solution to meet service development requirements within the next 3 to 5 years, avoiding a waste or lack of resources.

Service security

Determine service isolation and network security protection solutions.

Service security: service isolation and interoperability

Check whether network services need to be isolated, and whether they are isolated physically or logically.

To isolate network services physically, design independent networks for these services. To isolate network services logically, use technologies such as VLAN and VPN to virtualize one network into multiple campus networks.

In addition, consider whether interoperability is required between different services. If interoperability is required, make interoperability policies and solutions in advance.

Network security: external security protection

Determine whether there is a need to deploy security devices, such as firewall, intrusion prevention system (IPS), intrusion detection system (IDS), network log audit, and antivirus wall to protect the network border security.

If high network security is required, for example, a specific security level, independent security devices are recommended. Otherwise, integrated security devices such as Unified Threat Management (UTM) or security value-added service cards can be used.

Network security: internal security protection

The online behavior management software or dedicated device is recommended to prevent security incidents caused by internal users.

Network security: terminal security protection

Terminal security protection includes terminal access security and terminal security check. Determine whether the Network Admission Control (NAC) solution is required.

Network scale

Finalize the network architecture and design solution.

Device selection, device version, number of devices, and user scale

For wireless networks, determine WAC specifications, number of APs, and number of wireless users, pay attention to version matching relationships between APs of specific new models and WACs, and check whether there is a need for high-density access in some key areas (such as conference rooms).

For wired networks, check the type and number of wired terminals and the number of wired users. Check the user access rate and interface types to determine switch models and quantities. Check basic functions (stack, VLAN, and routing protocols) of switches required by customers and advanced functions (SVF, iPCA, user authentication, authorization, and accounting, free mobility, service orchestration, zero-touch provisioning, and policy association), and ensure that the network solution meets the customer's requirements on functions and reliability to determine the switch model and version.

Network scale in the next 3 to 5 years, or the highest growth rate in recent years

Take capacity expansion and smooth upgrade into consideration when designing the network interfaces, capacity, and bandwidth, to meet the service development needs in the next three to five years.

The network scale includes both the user scale (the number of users or terminals) and the service scale (type, bandwidth, quantity, and use scope of services).

Branch

Consider the mode for interconnection between the headquarters and branches. Does the headquarters need to use leased lines and Internet lines? Is link backup needed?

Determine the remote access mode based on the service application scenarios. The remote access can be SSL VPN for personal access or IPSec VPN for fixed branch access, or both.

Terminal type

Determine the network access solution.

Terminal type: laptops, smartphones, and mobile smart devices such as tablets

Consider the supported access frequency band (2.4 GHz or 5 GHz) and access capability (802.11a/b/g/n/ac/ac Wave 2).

Terminal authentication and accounting solution

Consider the access authentication mode and whether to use unified wired and wireless authentication. If the authentication server is involved, check whether there is a server redundancy solution and whether server concurrency performance is required. If a third-party authentication server is involved, check the product name and version.

Terminal access permission

Determine whether to allow guest access and access areas if allowed.

Dumb terminals: IP phones, network printers, and IP cameras

Determine the access and authentication solutions for these dumb terminals.

Other terminals: industrial control computers and test controllers

Consider model selection of access switches. For example, industrial switches may be required for industrial campuses or production networks. The power supply mode of devices may be affected in outdoor scenarios.

Special network devices: dedicated network encryption devices and industrial switches

Consider compatibility and performance of these devices to prevent specification mismatch.

Third-party compatibility

Identify compatibility risks.

Information about interconnected products and their versions

Identify compatibility risks, including third-party authentication servers, network management systems, security monitoring platforms, and special industry terminals.

Acceptance KPI

Specify acceptance KPIs.

Minimum acceptance KPIs evaluated based on service features

For wireless networks, specify the acceptance KPIs, such as ping packet delay, access or authentication success rate, and performance indicators of a single user or multiple users.

For wired networks, test functions to ensure that all services of customers run properly, test the reliability to ensure that the network can be quickly restored if a single point of failure occurs, and test performance to ensure concurrent authentication of terminals, high-quality phone calls, and smooth video playback without frame freezing. Understand the acceptance criteria acknowledged by the customers in advance.

Network environment

Check the network environment before an upgrade.

Network upgrade and reconstruction

If you want to upgrade and reconstruct a network, you need to consider more factors, such as device compatibility and reuse, smooth network transition, and whether service interruption is allowed.

Upgrade scope

Check whether the upgrade is for a simple or complicated scenario. (Note: A single device is a simple scenario while an end-to-end scenario is a complicated scenario.)

Network pain points

Determine the reasons why the network needs to be upgraded.

New feature requirement

Determine the reasons why the network needs to be upgraded, check issues that have occurred in the earlier phase before the network upgrade, how they have been prevented and resolved, and whether there are known issues.

Verify whether customers upgrade the network to add new functions or resolve problems.

Known issues in earlier versions affect customer services.

Third-party compatibility

Identify compatibility risks.

Information about interconnected products and their versions

Verify whether the server or NMS matches devices. Versions of the third-party device and existing device must match after the upgrade.

Network services

Check whether the services are normal.

Network service application

Perform network service tests before and after the upgrade to ensure that the network services are normal before and after the upgrade.