# 02 - Networking **Ultimo Aggiornamento**: [DATA_AGGIORNAMENTO] **Versione Documento**: [VERSIONE] **Responsabile**: [NOME_RESPONSABILE] --- ## 1. Architettura di Rete ### 1.1 Topologia Generale ``` [DIAGRAMMA_ASCII_TOPOLOGIA_RETE] ``` ### 1.2 Segmentazione Rete - **Core Layer**: [DESCRIZIONE_TECNOLOGIA] - **Distribution Layer**: [DESCRIZIONE_TECNOLOGIA] - **Access Layer**: [DESCRIZIONE_TECNOLOGIA] - **DMZ**: [SI/NO] - [N] zone - **Management Network**: [SUBNET] --- ## 2. Switch Core e Distribution ### 2.1 Inventario Switch Core | Hostname | Marca/Modello | Ruolo | Management IP | Porte | Uplink | Firmware | Posizione | |----------|---------------|-------|---------------|-------|--------|----------|-----------| | [HOSTNAME] | [VENDOR/MODEL] | [CORE/DIST] | [IP] | [N] | [TIPO/SPEED] | [VERSION] | [RACK-U] | ### 2.2 Configurazione Ridondanza - **Protocollo**: [VRRP/HSRP/STACKING/MC-LAG] - **Topology**: [RING/MESH/STAR] - **Link Aggregation**: [LACP/STATIC] - **Failover Time**: < [SECONDI]s ### 2.3 Spanning Tree - **Protocollo**: [STP/RSTP/MSTP] - **Root Primary**: [SWITCH_ID] - **Root Secondary**: [SWITCH_ID] - **Protezioni Attive**: [BPDU_GUARD/ROOT_GUARD/LOOP_GUARD] --- ## 3. Switch Access ### 3.1 Inventario Switch Access | Hostname | Modello | Management IP | Porte | PoE | Stack | Posizione | Uplink a | |----------|---------|---------------|-------|-----|-------|-----------|----------| | [HOSTNAME] | [MODEL] | [IP] | [N] | [W] | [MEMBER] | [RACK-U] | [DIST_SW] | ### 3.2 Standard Configurazione Access - **VLAN Management**: [VLAN_ID] - **VLAN Nativa**: [VLAN_ID] - **Porta di Default**: [VLAN/SHUTDOWN] - **Port Security**: [ENABLED/DISABLED] - **DHCP Snooping**: [ENABLED/DISABLED] --- ## 4. VLAN e Subnetting ### 4.1 Piano VLAN | VLAN ID | Nome | Subnet | Gateway | Scopo | ACL | DHCP | |---------|------|--------|---------|-------|-----|------| | [ID] | [NOME] | [SUBNET] | [IP] | [DESCRIZIONE] | [ACL_ID] | [SI/NO] | ### 4.2 Inter-VLAN Routing - **Metodo**: [ROUTER-ON-STICK/L3-SWITCH/FIREWALL] - **Device**: [HOSTNAME] - **Protocollo Routing**: [STATIC/OSPF/BGP] ### 4.3 Piano di Indirizzamento IP | Rete | Range | Utilizzo | Allocati | Disponibili | Note | |------|-------|----------|----------|-------------|------| | [SUBNET] | [RANGE] | [SCOPO] | [N] | [N] | [NOTE] | --- ## 5. Routing ### 5.1 Router e Firewall | Hostname | Tipo | Marca/Modello | Management IP | WAN IP | LAN IP | Throughput | Posizione | |----------|------|---------------|---------------|--------|--------|------------|-----------| | [HOSTNAME] | [ROUTER/FW/UTM] | [VENDOR/MODEL] | [IP] | [IP] | [IP] | [GBPS] | [RACK-U] | ### 5.2 Protocolli di Routing | Protocollo | Area/AS | Router | Reti Annunciate | Neighbors | Stato | |------------|---------|--------|-----------------|-----------|-------| | [OSPF/BGP/STATIC] | [ID] | [HOSTNAME] | [N] | [N] | [UP/DOWN] | ### 5.3 Route Statiche Critiche | Destinazione | Next Hop | Metric | Interfaccia | Scopo | |--------------|----------|--------|-------------|-------| | [NETWORK] | [IP] | [N] | [IF] | [DESCRIZIONE] | --- ## 6. Firewall e Sicurezza ### 6.1 Configurazione Firewall - **Marca/Modello**: [VENDOR/MODEL] - **Versione Software**: [VERSION] - **Modalità**: [ROUTED/TRANSPARENT] - **High Availability**: [ACTIVE-PASSIVE/ACTIVE-ACTIVE] - **Throughput**: [GBPS] Gbps - **Concurrent Sessions**: [N] ### 6.2 Zone di Sicurezza | Zona | Trust Level | Interfacce | Reti | Policy Default | |------|-------------|------------|------|----------------| | [ZONA] | [0-100] | [IF_LIST] | [SUBNET] | [ALLOW/DENY] | ### 6.3 Regole Firewall Principali | ID | Nome | Source | Destination | Servizio | Azione | Log | Hit Count | |----|------|--------|-------------|----------|--------|-----|-----------| | [ID] | [NOME] | [SRC] | [DST] | [SERVICE] | [ALLOW/DENY] | [SI/NO] | [N] | ### 6.4 NAT Configuration | Tipo | Original IP | Translated IP | Servizio | Scopo | |------|-------------|---------------|----------|-------| | [SNAT/DNAT/PAT] | [IP] | [IP] | [SERVICE] | [DESCRIZIONE] | ### 6.5 IPS/IDS - **Sistema**: [VENDOR/MODEL] - **Modalità**: [IPS/IDS/HYBRID] - **Signature Set**: [VERSION] - Update: [FREQUENCY] - **Policy**: [BALANCED/SECURITY/CONNECTIVITY] - **False Positive Rate**: [PERCENTUALE]% --- ## 7. VPN ### 7.1 VPN Site-to-Site | Nome | Remote Gateway | Local Subnet | Remote Subnet | Protocol | Encryption | Status | |------|----------------|--------------|---------------|----------|------------|--------| | [NOME] | [IP/FQDN] | [SUBNET] | [SUBNET] | [IPSEC/GRE] | [ALGORITHM] | [UP/DOWN] | ### 7.2 VPN Remote Access - **Sistema**: [VENDOR/MODEL] - **Protocollo**: [SSL-VPN/IPSEC] - **Licenze**: [N] concurrent users - **Utilizzo Medio**: [N] users - **Picco Utilizzo**: [N] users - [DATA] - **MFA Richiesta**: [SI/NO] ### 7.3 Policy VPN | Gruppo | Split Tunnel | Route Pushed | DNS Pushed | Timeout | Rekeying | |--------|--------------|--------------|------------|---------|----------| | [GRUPPO] | [SI/NO] | [ROUTES] | [DNS_IPs] | [MIN] | [SEC] | --- ## 8. Load Balancing ### 8.1 Load Balancer | Hostname | Tipo | Marca/Modello | VIP Managed | Throughput | HA Status | Posizione | |----------|------|---------------|-------------|------------|-----------|-----------| | [HOSTNAME] | [L4/L7/ADC] | [VENDOR/MODEL] | [N] | [GBPS] | [MASTER/BACKUP] | [RACK-U] | ### 8.2 Virtual Server Configuration | Nome | VIP | Protocol | Port | Pool | Persistence | Health Check | Status | |------|-----|----------|------|------|-------------|--------------|--------| | [NOME] | [IP] | [TCP/UDP/HTTP] | [PORT] | [POOL_NAME] | [TYPE] | [METHOD] | [UP/DOWN] | ### 8.3 Server Pool | Pool Name | Membri | Algoritmo | Health Check | Active Members | Traffico (Mbps) | |-----------|--------|-----------|--------------|----------------|-----------------| | [NOME] | [N] | [ALGORITHM] | [TYPE] | [N] | [MBPS] | --- ## 9. DNS e DHCP ### 9.1 DNS Servers | Hostname | IP | Tipo | Zone Gestite | Queries/sec | Uptime | Cache Hit Rate | |----------|-------|------|--------------|-------------|--------|----------------| | [HOSTNAME] | [IP] | [AUTH/RECURSIVE] | [N] | [N] | [%] | [%] | ### 9.2 Zone DNS Principali | Zona | Tipo | Master | Records | DNSSEC | Ultima Modifica | |------|------|--------|---------|--------|-----------------| | [ZONE] | [MASTER/SLAVE] | [IP] | [N] | [SI/NO] | [DATA] | ### 9.3 DHCP Servers | Hostname | IP | Scope Gestiti | Lease Time | Total Addresses | Allocated | Disponibili | |----------|-----|---------------|------------|-----------------|-----------|-------------| | [HOSTNAME] | [IP] | [N] | [TIME] | [N] | [N] | [N] | ### 9.4 DHCP Scopes | Scope | Range | VLAN | Gateway | DNS | Options | Utilizzo % | |-------|-------|------|---------|-----|---------|-----------| | [NOME] | [RANGE] | [VLAN] | [IP] | [IPs] | [OPTIONS] | [%] | --- ## 10. Wireless (se presente) ### 10.1 Controller Wireless - **Sistema**: [VENDOR/MODEL] - **Management IP**: [IP] - **AP Gestiti**: [N] - **Utenti Concorrenti Max**: [N] - **Versione Firmware**: [VERSION] ### 10.2 Access Point | Nome | Modello | Management IP | Location | SSID Broadcast | Clients | Channel | Power | |------|---------|---------------|----------|----------------|---------|---------|-------| | [NOME] | [MODEL] | [IP] | [LOC] | [N] | [N] | [CH] | [dBm] | ### 10.3 SSID Configuration | SSID | VLAN | Security | Authentication | Encryption | Max Users | Hidden | |------|------|----------|----------------|------------|-----------|--------| | [NOME] | [VLAN] | [WPA2/WPA3] | [PSK/802.1X] | [AES] | [N] | [SI/NO] | --- ## 11. Network Monitoring e Management ### 11.1 Network Management System - **Sistema**: [VENDOR/PRODUCT] - **Management IP**: [IP] - **Device Monitorati**: [N] - **Retention Dati**: [GIORNI] giorni - **Polling Interval**: [SECONDI]s ### 11.2 SNMP Configuration - **Versione**: [V2C/V3] - **Community String**: [MASKED/REFERENCE] - **Trap Destination**: [IP] - **OID Monitorati**: [LISTA_PRINCIPALI] ### 11.3 NetFlow/sFlow - **Protocollo**: [NETFLOW/SFLOW/IPFIX] - **Collector**: [IP] - **Sampling Rate**: 1:[N] - **Retention**: [GIORNI] giorni ### 11.4 Syslog - **Syslog Server**: [IP] - **Facility**: [LOCAL0-7] - **Severity Level**: [LEVEL] - **Retention**: [GIORNI] giorni - **Storage Utilizzato**: [GB] --- ## 12. QoS (Quality of Service) ### 12.1 Policy QoS | Nome Policy | Traffic Class | DSCP | Priority | Bandwidth | Applicata su | |-------------|---------------|------|----------|-----------|--------------| | [NOME] | [CLASS] | [VALUE] | [0-7] | [MBPS/%] | [INTERFACES] | ### 12.2 Traffic Shaping - **Metodo**: [POLICING/SHAPING] - **Queueing**: [FIFO/WFQ/CBWFQ] - **Congestion Avoidance**: [WRED/TAIL-DROP] --- ## 13. Network Access Control ### 13.1 Sistema NAC - **Soluzione**: [VENDOR/PRODUCT] - **Authentication**: [802.1X/MAC/HYBRID] - **RADIUS Server**: [IP] - **Porte Monitorate**: [N] ### 13.2 Profili NAC | Profilo | Autenticazione | VLAN Assegnata | Restrizioni | Dispositivi | |---------|----------------|----------------|-------------|-------------| | [NOME] | [METODO] | [VLAN] | [DESCRIZIONE] | [N] | --- ## 14. SD-WAN (se presente) ### 14.1 Architettura SD-WAN - **Soluzione**: [VENDOR/PRODUCT] - **Controller**: [IP/CLOUD] - **Edge Devices**: [N] - **WAN Links**: [N] ### 14.2 Policy SD-WAN | Policy | Applicazione | Link Primario | Link Secondario | Failover Threshold | SLA Monitor | |--------|--------------|---------------|-----------------|-------------------|-------------| | [NOME] | [APP] | [LINK] | [LINK] | [METRIC] | [LATENCY/LOSS] | --- ## 15. Banda e Traffico ### 15.1 Utilizzo Banda Internet - **Banda Totale**: [MBPS] Mbps - **Utilizzo Medio**: [MBPS] Mbps ([%]%) - **Picco Utilizzo**: [MBPS] Mbps - [DATA/ORA] - **Top Talkers**: [LISTA] ### 15.2 Traffico Interno - **Core-to-Core**: [GBPS] Gbps avg - **North-South**: [GBPS] Gbps avg - **East-West**: [GBPS] Gbps avg --- ## 16. Backup Configurazioni ### 16.1 Sistema di Backup - **Metodo**: [TFTP/SCP/GIT/AUTOMATED] - **Frequenza**: [GIORNALIERO/SETTIMANALE] - **Retention**: [N] versioni / [GIORNI] giorni - **Location**: [PATH/SERVER] ### 16.2 Ultimo Backup | Device | Ultimo Backup | Config Version | Metodo | Status | |--------|---------------|----------------|--------|--------| | [HOSTNAME] | [DATA/ORA] | [VERSION] | [METODO] | [SUCCESS/FAIL] | --- ## 17. Change Management ### 17.1 Maintenance Window - **Giorno**: [GIORNO_SETTIMANA] - **Orario**: [HH:MM] - [HH:MM] - **Approval Process**: [DESCRIZIONE] ### 17.2 Ultimi Cambiamenti | Data | Ticket | Descrizione | Device | Eseguito da | Esito | |------|--------|-------------|--------|-------------|-------| | [DATA] | [ID] | [DESC] | [DEVICE] | [NOME] | [SUCCESS/ROLLBACK] | --- ## 18. Network Security Posture ### 18.1 Vulnerability Assessment - **Ultimo Scan**: [DATA] - **Tool Utilizzato**: [TOOL] - **Vulnerabilità Critiche**: [N] - **Vulnerabilità Alte**: [N] - **Remediation ETA**: [DATA] ### 18.2 Patch Level | Device Type | Vendor | Current Version | Latest Version | EOL Date | Upgrade Planned | |-------------|--------|-----------------|----------------|----------|-----------------| | [TYPE] | [VENDOR] | [VERSION] | [VERSION] | [DATA] | [DATA] | --- ## 19. Documentazione Tecnica ### 19.1 Diagrammi Disponibili - [X] Topologia Fisica - [X] Topologia Logica - [X] VLAN Design - [X] IP Addressing Plan - [X] Rack Elevations (Network devices) ### 19.2 Procedure Standard - [X] Router/Switch Configuration Standard - [X] VLAN Creation Procedure - [X] Firewall Rule Request Process - [X] Network Troubleshooting Runbook --- ## 20. Performance Metrics ### 20.1 KPI Rete | Metrica | Target | Valore Attuale | Trend | Note | |---------|--------|----------------|-------|------| | Uptime % | [TARGET] | [CURRENT] | [↑/↓/→] | [NOTE] | | Latenza Media (ms) | [TARGET] | [CURRENT] | [↑/↓/→] | [NOTE] | | Packet Loss % | [TARGET] | [CURRENT] | [↑/↓/→] | [NOTE] | | Jitter (ms) | [TARGET] | [CURRENT] | [↑/↓/→] | [NOTE] | ### 20.2 Incidenti Rete (Ultimi 30gg) | Data | Durata | Servizi Impattati | Root Cause | Azioni Correttive | |------|--------|-------------------|------------|-------------------| | [DATA] | [MIN] | [SERVIZI] | [CAUSA] | [AZIONI] | --- ## 21. Contatti e Escalation ### 21.1 Network Team | Ruolo | Nome | Telefono | Email | Disponibilità | |-------|------|----------|-------|---------------| | [RUOLO] | [NOME] | [TEL] | [EMAIL] | [SCHEDULE] | ### 21.2 Vendor Support | Vendor | Prodotto | Contract Level | Phone | Portal | TAC Access | |--------|----------|----------------|-------|--------|------------| | [VENDOR] | [PRODUCT] | [LEVEL] | [PHONE] | [URL] | [CASE_ID] | --- **Token Utilizzati**: [CONTEGGIO_APPROSSIMATIVO] **Prossimo Aggiornamento Previsto**: [DATA]