HI SandraHerzet, [Pls Rate if Helps]
Before all these Check is there any New Implementation of Projects is On-going / Under Discussion / Pending.
1. Remove unwanted Cables in the Network
2. Create a Inventry of the Network
3. Finalise your Architecture & Design
4. Analyse the Performance Issues uncovered during the Audit
5. Study the Current Configuration, Previous Logs, Alarms, Response Time etc.,
6. Administratively DOWN the un-used Interfaces in Switches / Routers
Note: Industry way is: In Switches create a "Trash VLAN" & assign the Un-used interfaces which ever is down
7. Remove unwanted / Older Routing Information, Route Advertisement, Access-Lists, etc., after studying the Routing Table completely
Note: Provide the Description to each & every UP-Link / WAN Interface includes Connectivity (from-to), Provider Name, Circuit ID & Bandwidth.
8. ACL's will normally block unwanted traffic but that will not help in Spoofing attacks, Rate limiting is effective in reducing the impact of DDoS attacks but not in eliminating the threat entirely even.
9. If required update your IOS, IDS & IPS Security Patches, etc., as recommended by Cisco
10. Don't Save any of the Configuration after removing the Unwanted Configuration
11. Check for entire connectivity Again & keep monitor for any Blocking (or) unusual behaviour of Network
12. Once everything is OK & nothing is abnormal- Pls save the Configuration & Backup the Entire Flash.
13. Create a Change Document for this & plan one by one then Submit the Final Report
PLS RATE if Helps
Best Regards,
Guru Prasad R
