Action Items

Action Items

ISE (Priority 1)

  • Document ISE node roles and failover sequence (PAN → MnT → PSN)

  • Verify critical-auth VLAN configured on all access switches

  • Verify AAA dead-server detection timers on all switches/WLCs

  • Document ISE backup schedule — config + operational backups

  • Test ISE restore procedure in d000 lab

  • Document certificate expiry dates and renewal calendar

  • Identify single points of failure in ISE deployment

  • Document RTO/RPO for ISE

Firewalls (Priority 2)

  • Document FTD HA failover behavior per pair (3 datacenter pairs)

  • Verify FMC backup schedule

  • Document FMC loss impact — FTDs continue with last policy

  • Test FMC restore procedure

  • Document RTO/RPO for FMC and FTD

Network (Priority 3)

  • Audit HSRP tracking on all distribution pairs (see VLAN 233 finding)

  • Document STP root bridge placement per building

  • Verify redundant uplinks on all access switches

  • Document core switch failure scenarios and reconvergence time

WLC (Priority 4)

  • Document WLC HA/SSO configuration

  • Verify FlexConnect local switching for critical SSIDs

  • Document AP failover behavior

DNS/DHCP (Priority 5)

  • Document DNS server redundancy

  • Verify DHCP relay configuration on all SVIs

  • Document DHCP scope exhaustion monitoring

SIEM (Priority 6)

  • Document QRadar HA configuration

  • Document Sentinel ingestion failover

  • Verify log source buffering behavior during SIEM outage