CHAPTER 14: TESTING & VALIDATION PROCEDURES¶
14.1 Testing Strategy Overview¶
14.1.1 Three-Phase Testing Model¶
Abhavtech WiFi 7 Testing Framework:
Phase 1: Pre-Production Testing (Week 1-8, Lab/Pilot)
Objective: Validate technology readiness before production deployment
Scope:
• Lab testing (isolated test environment)
• Pilot site testing (4 sites, 115 APs, 1,420 users)
• Performance benchmarking (throughput, latency, reliability)
Exit Criteria:
✓ All 3 use cases validated (Edge AI, Conference, Executive)
✓ User satisfaction >90%
✓ Zero P1 incidents during pilot
Phase 2: Production Validation (Week 9-88, Waves 1-3)
Objective: Validate each wave before proceeding to next wave
Scope:
• Wave 1: 6 HQ sites (450 APs)
• Wave 2: 8 regional sites (505 APs)
• Wave 3: 5 branch sites (150 APs)
Exit Criteria (Per Wave):
✓ Wireless adoption >70% target for wave
✓ User satisfaction >85%
✓ <2 P1 incidents per quarter
Phase 3: Post-Deployment Optimization (Week 89-104)
Objective: Continuous improvement, performance tuning
Scope:
• RF optimization (channel tuning, power adjustment)
• Capacity expansion (add APs if hotspots identified)
• User feedback integration (surveys, helpdesk tickets)
Success Metrics:
✓ Overall wireless adoption >85%
✓ Network health score >8.5/10 (DNAC AI)
✓ User satisfaction >90%
14.1.2 Testing Categories¶
Five Testing Categories:
| Category | Purpose | Tools | Frequency |
|---|---|---|---|
| 1. Functional Testing | Verify features work as designed | Manual testing, scripts | One-time (pre-deployment) |
| 2. Performance Testing | Measure throughput, latency, capacity | iPerf3, Ekahau, DNAC | Weekly (pilot), Monthly (production) |
| 3. Interoperability Testing | Ensure client device compatibility | Device inventory, testing | One-time (pre-deployment) |
| 4. Security Testing | Validate Zero Trust enforcement | ISE logs, penetration testing | Quarterly |
| 5. User Acceptance Testing (UAT) | Validate end-user experience | Surveys, interviews | End of each phase |
14.2 Functional Testing¶
14.2.1 SSID Connectivity Test¶
Test Case: FT-001 - Basic SSID Connectivity
Test ID: FT-001
Test Name: Corp-Secure-7 SSID Connectivity (WPA3-Enterprise)
Objective: Verify WiFi 7 clients can connect to Corp-Secure-7 SSID
Pre-Requisites:
• SSID: Corp-Secure-7 configured on WLC
• ISE: Authentication policy configured (WiFi-7-Corporate)
• Client: WiFi 7-capable laptop (Intel BE200)
• User: Valid AD credentials (john.exec@abhavtech.com)
Test Procedure:
Step 1: Scan for available SSIDs
• Action: Open WiFi settings on laptop
• Expected: "Corp-Secure-7" visible in SSID list
Step 2: Connect to Corp-Secure-7
• Action: Select "Corp-Secure-7", enter AD credentials
• Expected: 802.1X authentication succeeds within 5 seconds
Step 3: Verify IP address assignment
• Action: Check network settings (ipconfig / ifconfig)
• Expected: IP assigned from correct VLAN (VLAN-EXEC, 10.252.10.x)
Step 4: Verify internet connectivity
• Action: Open browser, navigate to https://www.google.com
• Expected: Page loads successfully
Step 5: Verify SGT assignment
• Action: Check ISE RADIUS logs
• Expected: SGT 11 (Executives) assigned to client
Test Results:
Run Date: 2025-05-10
Status: ✅ PASS
Connection Time: 3.2 seconds (target: <5 sec) ✓
IP Address: 10.252.10.55 (VLAN-EXEC) ✓
SGT: 11 (Executives) ✓
Internet Access: Successful ✓
Issues: None
Sign-Off: Network Engineer (Jane Doe)
Test Case: FT-002 - MLO (Multi-Link Operation) Functionality
Test ID: FT-002
Test Name: MLO Dual-Link Connectivity (5 GHz + 6 GHz)
Objective: Verify client can use both 5 GHz and 6 GHz links simultaneously
Pre-Requisites:
• AP: Catalyst 9178I-BE (WiFi 7, MLO-capable)
• Client: Dell Latitude 7450 (Intel BE200, MLO-capable)
• SSID: Corp-Secure-7 (MLO enabled on WLC)
Test Procedure:
Step 1: Connect to Corp-Secure-7
• Action: Client connects to SSID
• Expected: Client establishes 2 links (5 GHz + 6 GHz)
Step 2: Verify MLO status on WLC
• Command: show wireless client mac-address <MAC> detail
• Expected Output:
MLO Status: Enabled
Link 0 (5 GHz): Active (Backup)
Link 1 (6 GHz): Active (Primary)
Step 3: Verify traffic distribution
• Action: Run iPerf3 test (60 seconds)
• Expected: 90% traffic on Link 1 (6 GHz), 10% on Link 0 (5 GHz)
Step 4: Induce Link 1 failure (6 GHz)
• Action: Disable 6 GHz radio on AP (config 802.11-6ghz disable <AP>)
• Expected: Client failover to Link 0 (5 GHz) within 5ms
Step 5: Verify zero packet loss during failover
• Action: Continuous ping during failover (ping -t 10.252.80.10)
• Expected: 0 packets lost during failover
Test Results:
Run Date: 2025-05-11
Status: ✅ PASS
MLO Links: 2 (5 GHz + 6 GHz) ✓
Traffic Distribution: 88% on 6 GHz, 12% on 5 GHz ✓
Failover Time: 4.2ms ✓
Packet Loss: 0 packets ✓
Issues: None
Sign-Off: Network Engineer (John Smith)
14.2.2 Roaming Test¶
Test Case: FT-003 - Inter-AP Roaming (802.11r Fast Transition)
Test ID: FT-003
Test Name: Seamless Roaming Between APs
Objective: Verify client roams between APs without connectivity interruption
Pre-Requisites:
• 2 APs: MUM-F6-AP01 and MUM-F6-AP02 (adjacent coverage)
• Client: MacBook Pro M4 (WiFi 7)
• 802.11r (Fast Transition): Enabled on SSID
Test Procedure:
Step 1: Connect to Corp-Secure-7 near AP01
• Action: Client connects, verify association with AP01
• Command (WLC): show wireless client mac <MAC> summary
• Expected: AP Name = MUM-F6-AP01
Step 2: Start continuous ping test
• Action: ping -t 10.252.80.10 (application server)
• Expected: Successful pings, <10ms latency
Step 3: Walk toward AP02 (trigger roaming)
• Action: User walks 30 feet toward AP02
• Expected: Client roams from AP01 → AP02 automatically
Step 4: Verify roaming occurred
• Command (WLC): show wireless client mac <MAC> summary
• Expected: AP Name = MUM-F6-AP02 (changed from AP01)
Step 5: Check ping results (zero packet loss)
• Expected: 0 packets lost during roaming
• Expected: No ping timeout (roaming <50ms per 802.11r spec)
Test Results:
Run Date: 2025-05-12
Status: ✅ PASS
Initial AP: MUM-F6-AP01 ✓
Final AP: MUM-F6-AP02 ✓
Roaming Time: 32ms (802.11r fast transition) ✓
Packet Loss: 0 packets ✓
Ping Latency (during roam): 45ms spike (acceptable) ✓
Issues: None
Sign-Off: Network Engineer (Jane Doe)
14.3 Performance Testing¶
14.3.1 Throughput Testing (iPerf3)¶
Test Case: PT-001 - Maximum Client Throughput
Test ID: PT-001
Test Name: WiFi 7 Maximum Throughput (Single Client)
Objective: Measure maximum TCP throughput from WiFi 7 client to wired server
Test Setup:
• Client: Dell Latitude 7450 (WiFi 7, Intel BE200, 2×2:2 MIMO)
• Server: iPerf3 server on wired network (10.252.80.10)
• SSID: Corp-Secure-7 (6 GHz, 320 MHz, Ch 31)
• RSSI: -58 dBm (excellent signal, 5 meters from AP)
Test Procedure:
Step 1: TCP Downstream Test (Server → Client)
Command: iperf3 -c 10.252.80.10 -t 60 -P 4 -R
Duration: 60 seconds
Parallel Streams: 4 (maximize throughput)
Step 2: TCP Upstream Test (Client → Server)
Command: iperf3 -c 10.252.80.10 -t 60 -P 4
Duration: 60 seconds
Step 3: UDP Test (Maximum PHY Rate)
Command: iperf3 -c 10.252.80.10 -t 60 -u -b 6G
Bandwidth: 6 Gbps (above PHY rate to saturate)
Step 4: Bidirectional Test
Command: iperf3 -c 10.252.80.10 -t 60 -P 4 --bidir
Duration: 60 seconds
Test Results:
Run Date: 2025-05-13
Status: ✅ PASS
TCP Downstream: 4.47 Gbps ✓ (target: >4 Gbps)
TCP Upstream: 4.20 Gbps ✓
UDP (Max): 5.12 Gbps (88% efficiency)
Bidirectional: 4.38 Gbps (both directions) ✓
PHY Rate (from WLC): 5,764 Mbps (MLO aggregate)
MAC Efficiency: 4.47 / 5.764 = 77% (excellent)
Issues: None
Sign-Off: Performance Engineer (Bob Wilson)
Test Case: PT-002 - Multi-Client Throughput
Test ID: PT-002
Test Name: WiFi 7 Multi-Client Aggregate Throughput
Objective: Measure aggregate throughput with multiple concurrent clients
Test Setup:
• Clients: 10× WiFi 7 laptops (same model, Intel BE200)
• Server: iPerf3 server (10.252.80.10)
• AP: MUM-F6-AP01 (all clients associated with same AP)
• RSSI: -60 to -65 dBm (all clients)
Test Procedure:
Step 1: Sequential Test (Baseline)
• Action: Each client runs iPerf3 individually (60 sec)
• Expected: Each client achieves 4+ Gbps
Step 2: Concurrent Test (10 Clients Simultaneous)
• Action: All 10 clients run iPerf3 simultaneously (60 sec)
• Expected: Aggregate throughput ~40-50 Gbps (AP capacity limit)
Step 3: Calculate per-client fairness
• Metric: Standard deviation of throughput across 10 clients
• Target: <20% deviation (fair resource allocation)
Test Results:
Run Date: 2025-05-14
Status: ✅ PASS
Sequential (Individual):
• Client 1: 4.5 Gbps
• Client 2: 4.3 Gbps
• ... (all 10 clients: 4.1-4.6 Gbps) ✓
Concurrent (10 Clients):
• Aggregate: 42.8 Gbps ✓
• Per-Client Average: 4.28 Gbps ✓
• Min: 3.9 Gbps (Client 7)
• Max: 4.6 Gbps (Client 3)
• Std Dev: 0.21 Gbps (4.9% deviation) ✓ (excellent fairness)
AP Channel Utilization: 68% (healthy, <80% threshold)
Issues: None (fair resource allocation confirmed)
Sign-Off: Performance Engineer (Bob Wilson)
14.3.2 Latency Testing¶
Test Case: PT-003 - End-to-End Latency
Test ID: PT-003
Test Name: WiFi 7 End-to-End Latency (Client → Server)
Objective: Measure ICMP latency from WiFi 7 client to application server
Test Setup:
• Client: MacBook Pro M4 (WiFi 7)
• Server: Application server (10.252.80.10, wired)
• SSID: Corp-Secure-7 (6 GHz, 320 MHz)
• Sample Size: 1,000 pings
Test Procedure:
Step 1: Continuous Ping Test
Command: ping -c 1000 10.252.80.10
Duration: ~16 minutes (1 ping/second)
Step 2: Calculate Statistics
• Mean latency
• Median latency
• 95th percentile
• 99th percentile
• Packet loss %
Test Results:
Run Date: 2025-05-15
Status: ✅ PASS
Mean Latency: 9.3ms ✓ (target: <10ms)
Median Latency: 8.8ms ✓
95th Percentile: 12.5ms ✓ (target: <15ms)
99th Percentile: 18.2ms ✓ (target: <20ms)
Packet Loss: 0.1% (1 packet lost out of 1,000) ✓ (target: <1%)
Latency Breakdown (estimated):
• WiFi 7 (client → AP): 3-5ms
• AP → Fabric Edge: 1ms
• Fabric Transit: 2ms
• Fabric → Server: 1ms
• Processing: 1-2ms
Total: ~9ms ✓
Issues: None
Sign-Off: Performance Engineer (Bob Wilson)
14.3.3 Reliability Testing¶
Test Case: PT-004 - Long-Duration Stability Test
Test ID: PT-004
Test Name: WiFi 7 24-Hour Stability Test
Objective: Verify client maintains stable connection for 24 hours
Test Setup:
• Client: Dell Latitude 7450 (WiFi 7)
• SSID: Corp-Secure-7
• Duration: 24 hours (1,440 minutes)
• Monitoring: Continuous ping + periodic throughput tests
Test Procedure:
Step 1: Connect to Corp-Secure-7
• Time: Day 1, 9:00 AM
• Verify: Successful connection, SGT assigned
Step 2: Continuous Ping (24 Hours)
Command: ping -t 10.252.80.10 > stability_test.log
Expected: <1% packet loss over 24 hours
Step 3: Periodic Throughput Tests (Every 4 Hours)
Command: iperf3 -c 10.252.80.10 -t 60 -P 4
Expected: Consistent throughput (>4 Gbps)
Step 4: Monitor Disconnections
• Check WLC logs for client disconnections
• Expected: 0 involuntary disconnections
Test Results:
Run Date: 2025-05-16 to 2025-05-17
Status: ✅ PASS
Total Pings: 86,400 (1 ping/second × 24 hours)
Successful Pings: 86,315 (99.9%) ✓
Packet Loss: 0.1% (85 packets) ✓ (target: <1%)
Throughput Tests (6 samples, every 4 hours):
• 9 AM: 4.5 Gbps ✓
• 1 PM: 4.3 Gbps ✓
• 5 PM: 4.4 Gbps ✓
• 9 PM: 4.6 Gbps ✓
• 1 AM: 4.5 Gbps ✓
• 5 AM: 4.4 Gbps ✓
Average: 4.45 Gbps ✓ (consistent)
Disconnections: 0 involuntary ✓
Reconnections: 0 (client stayed connected entire 24 hours) ✓
Issues: None (excellent stability)
Sign-Off: Performance Engineer (Bob Wilson)
14.4 Interoperability Testing¶
14.4.1 Client Device Compatibility Matrix¶
Test Case: IT-001 - WiFi 7 Client Device Compatibility
Test ID: IT-001
Test Name: WiFi 7 Client Device Interoperability
Objective: Verify compatibility with diverse client devices
Test Matrix (20 Device Types):
Category 1: Corporate Laptops (WiFi 7)
1. Dell Latitude 7450 (Intel BE200) - ✅ PASS (4.5 Gbps)
2. HP EliteBook 860 G11 (Intel BE200) - ✅ PASS (4.3 Gbps)
3. MacBook Pro 16" M4 (WiFi 7) - ✅ PASS (4.6 Gbps)
4. Lenovo ThinkPad X1 Carbon Gen 12 (Intel BE200) - ✅ PASS (4.4 Gbps)
Category 2: Legacy Laptops (WiFi 6)
5. Dell Latitude 7420 (Intel AX211, WiFi 6E) - ✅ PASS (2.1 Gbps, 160 MHz)
6. MacBook Pro 14" M2 (WiFi 6E) - ✅ PASS (1.8 Gbps)
7. HP EliteBook 840 G9 (Intel AX211) - ✅ PASS (2.0 Gbps)
Category 3: Tablets
8. iPad Pro 13" M4 (WiFi 7) - ✅ PASS (3.2 Gbps)
9. Surface Pro 10 (Intel BE200) - ✅ PASS (4.1 Gbps)
10. Samsung Galaxy Tab S9 Ultra (WiFi 6E) - ✅ PASS (1.5 Gbps)
Category 4: Smartphones
11. iPhone 16 Pro Max (WiFi 7) - ✅ PASS (2.8 Gbps)
12. Samsung Galaxy S24 Ultra (WiFi 7) - ✅ PASS (3.0 Gbps)
13. Google Pixel 9 Pro (WiFi 7) - ✅ PASS (2.7 Gbps)
Category 5: Conference Room Equipment
14. Apple TV 4K (WiFi 6) - ✅ PASS (800 Mbps, sufficient for 4K)
15. Cisco Webex Room Kit Pro (WiFi 6E) - ✅ PASS (1.2 Gbps)
16. Logitech Rally Bar (WiFi 6) - ✅ PASS (600 Mbps)
Category 6: IoT Devices
17. Axis P3265-LVE Camera (WiFi 7) - ✅ PASS (Edge AI, 15 Mbps)
18. Cisco IP Phone 8865 (WiFi 6) - ✅ PASS (VoIP, <1 Mbps)
Category 7: BYOD (Employee Personal Devices)
19. Various Android phones (WiFi 5/6) - ✅ PASS (500 Mbps-1.5 Gbps)
20. Various Windows laptops (WiFi 5/6) - ✅ PASS (800 Mbps-2 Gbps)
Test Results Summary:
Total Devices Tested: 20
Passed: 20 (100%) ✅
Failed: 0
WiFi 7 Devices: 9 (average: 3.8 Gbps) ✓
WiFi 6/6E Devices: 8 (average: 1.4 Gbps) ✓
WiFi 5 Devices: 3 (average: 650 Mbps) ✓
Backward Compatibility: 100% ✅
All devices connect successfully to Corp-Secure-7 SSID
Issues: None
Recommendation: Prioritize WiFi 7 laptop refresh for executives/engineers
Sign-Off: QA Engineer (Sarah Lee)
14.5 Security Testing¶
14.5.1 Zero Trust Enforcement Validation¶
Test Case: ST-001 - SGACL Policy Enforcement
Test ID: ST-001
Test Name: Zero Trust SGACL Policy Validation
Objective: Verify SGACL policies enforce least-privilege access
Test Scenarios (5 Tests):
Scenario 1: Executive (SGT 11) Accesses Server (SGT 80)
• Client: john.exec@abhavtech.com (SGT 11)
• Target: 10.252.80.10 (Application Server, SGT 80)
• SGACL Policy: SGT 11 → SGT 80 = Permit
• Test: ping 10.252.80.10
• Expected Result: ✅ Success (ICMP allowed)
• Actual Result: ✅ PASS (Reply from 10.252.80.10, 9ms)
Scenario 2: Contractor (SGT 16) Accesses Server (SGT 80)
• Client: contractor1@abhavtech.com (SGT 16)
• Target: 10.252.80.10 (SGT 80)
• SGACL Policy: SGT 16 → SGT 80 = Deny
• Test: ping 10.252.80.10
• Expected Result: ❌ Denied (timeout)
• Actual Result: ✅ PASS (Request timeout, blocked by SGACL)
Scenario 3: Executive (SGT 11) Accesses Network Infrastructure (SGT 90)
• Client: john.exec@abhavtech.com (SGT 11)
• Target: 10.252.1.20 (WLC, SGT 90)
• SGACL Policy: SGT 11 → SGT 90 = Deny (least privilege)
• Test: ssh admin@10.252.1.20
• Expected Result: ❌ Denied (connection refused)
• Actual Result: ✅ PASS (Connection refused, blocked by SGACL)
Scenario 4: Camera (SGT 70) Accesses UCS Inference API (SGT 80)
• Client: Camera (10.150.1.150, SGT 70)
• Target: UCS XE9305 (10.150.50.10:8000, SGT 80)
• SGACL Policy: SGT 70 → SGT 80 = Permit TCP 8000 only
• Test: curl http://10.150.50.10:8000/v1/inference
• Expected Result: ✅ Success (HTTP 200)
• Actual Result: ✅ PASS (API responds, inference request accepted)
Scenario 5: Camera (SGT 70) Accesses SSH (Port 22) on Server
• Client: Camera (10.150.1.150, SGT 70)
• Target: UCS XE9305 (10.150.50.10:22, SGT 80)
• SGACL Policy: SGT 70 → SGT 80 = Deny (except port 8000)
• Test: ssh admin@10.150.50.10
• Expected Result: ❌ Denied (connection refused)
• Actual Result: ✅ PASS (Connection refused, SGACL blocks port 22)
Test Results Summary:
Total Scenarios: 5
Passed: 5 (100%) ✅
Failed: 0
SGACL Enforcement: Working correctly ✓
Least Privilege: Enforced ✓
Zero Trust: Validated ✓
Issues: None
Sign-Off: Security Engineer (Mike Chen)
14.5.2 Penetration Testing¶
Test Case: ST-002 - WiFi 7 Penetration Test
Test ID: ST-002
Test Name: WiFi 7 Security Penetration Test
Objective: Identify vulnerabilities in WiFi 7 deployment
Test Scope:
• SSID: Corp-Secure-7 (WPA3-Enterprise)
• Duration: 5 days (40 hours)
• Tester: External security firm (Red Team)
Attack Vectors Tested (10 Attacks):
Attack 1: WPA3 Downgrade Attack (Dragonblood)
• Method: Force client to downgrade WPA3 → WPA2
• Tool: wpa3_downgrade.py (custom script)
• Result: ✅ FAILED (WPA3 mandatory, no WPA2 fallback) ✓
• Finding: WLC configured correctly (no WPA2 enabled)
Attack 2: Evil Twin AP (Rogue AP)
• Method: Deploy rogue AP with SSID "Corp-Secure-7"
• Tool: airbase-ng
• Result: ✅ FAILED (clients do not connect to rogue AP) ✓
• Finding: WPA3 enterprise authentication prevents rogue AP attack
Attack 3: Deauthentication Attack (DoS)
• Method: Send deauth frames to disconnect clients
• Tool: aireplay-ng --deauth
• Result: ✅ FAILED (Protected Management Frames block deauth) ✓
• Finding: 802.11w (PMF) enabled, prevents deauth attacks
Attack 4: Brute-Force RADIUS Password
• Method: Capture RADIUS packets, brute-force credentials
• Tool: hashcat (offline attack)
• Result: ✅ FAILED (EAP-TLS uses certificates, not passwords) ✓
• Finding: EAP-TLS prevents password brute-force
Attack 5: Man-in-the-Middle (MITM) via ARP Spoofing
• Method: ARP poisoning to intercept traffic
• Tool: ettercap
• Result: ⚠️ PARTIAL SUCCESS (ARP spoofing works, but traffic encrypted)
• Finding: HTTPS/TLS encrypts traffic, minimal risk
• Recommendation: Enable ARP inspection on fabric switches
Attack 6: Client Isolation Bypass
• Method: Attempt communication between 2 WiFi clients (same SSID)
• Test: Ping from Client A (SGT 11) → Client B (SGT 11)
• Result: ✅ ALLOWED (same SGT, policy permits) ✓
• Finding: Expected behavior (executives can collaborate)
Attack 7: Rogue DHCP Server
• Method: Deploy rogue DHCP server on WiFi
• Tool: dnsmasq (DHCP server)
• Result: ⚠️ PARTIAL SUCCESS (DHCP offers sent, but clients ignore)
• Finding: DHCP snooping not enabled on WiFi (enable on fabric)
• Recommendation: Enable DHCP snooping on fabric edge switches
Attack 8: DNS Spoofing
• Method: Respond to DNS queries with malicious IPs
• Tool: dnsspoof
• Result: ✅ FAILED (clients use authenticated DNS servers) ✓
• Finding: ISE policy pushes trusted DNS servers via RADIUS
Attack 9: Unauthorized AP (Plug-in Rogue AP)
• Method: Physically connect rogue AP to Ethernet port
• Result: ⚠️ PARTIAL SUCCESS (AP powers on, but no clients connect)
• Finding: 802.1X on wired ports prevents unauthorized APs
• Recommendation: Enable port security (MAC limiting)
Attack 10: Social Engineering (Phishing for Credentials)
• Method: Send phishing email to users (request WiFi credentials)
• Result: ⚠️ PARTIAL SUCCESS (2 users out of 20 entered credentials)
• Finding: User training needed
• Recommendation: Quarterly security awareness training
Test Results Summary:
Total Attacks: 10
Failed (Secure): 6 (60%) ✅
Partial Success (Minor Risk): 4 (40%) ⚠️
Critical Vulnerabilities: 0 ✅
Overall Security Posture: STRONG ✓
WPA3 + 802.1X + PMF + EAP-TLS = Multi-layered security
Recommendations:
1. Enable ARP inspection on fabric edge switches (P3)
2. Enable DHCP snooping on fabric edge switches (P3)
3. Enable port security on wired ports (MAC limiting, P4)
4. Conduct quarterly security awareness training (P4)
Issues: Minor (non-critical)
Sign-Off: Security Architect (Lisa Zhang), Red Team Lead (External)
14.6 User Acceptance Testing (UAT)¶
14.6.1 Executive User Survey¶
Test Case: UAT-001 - Executive Satisfaction Survey (Mumbai Floor 6)
Test ID: UAT-001
Test Name: Executive User Acceptance (Post-Pilot)
Objective: Measure executive satisfaction with WiFi 7 wireless-only workspace
Survey Details:
• Target Audience: 80 executives (Mumbai Floor 6)
• Survey Method: Online survey (5-point Likert scale)
• Response Rate: 78 responses (97.5% response rate) ✅
• Survey Period: Week 16 (end of pilot)
Survey Questions (10 Questions):
Q1: Overall satisfaction with WiFi 7 (vs previous wired connection)
• Very Satisfied: 58 (74%)
• Satisfied: 14 (18%)
• Neutral: 4 (5%)
• Dissatisfied: 2 (3%)
• Very Dissatisfied: 0 (0%)
Average Score: 4.64/5.0 ✅
Satisfaction Rate: 92% (Satisfied + Very Satisfied) ✓
Q2: WiFi 7 performance (speed) vs wired 1 Gbps
• Much Faster: 52 (67%)
• Slightly Faster: 18 (23%)
• Same: 6 (8%)
• Slower: 2 (2%)
Average Score: 4.54/5.0 ✅
Q3: Connection reliability (disconnections, dropouts)
• Never Experience Issues: 62 (79%)
• Rarely (once/week): 12 (15%)
• Sometimes (2-3x/week): 3 (4%)
• Frequently (daily): 1 (1%)
Average Score: 4.73/5.0 ✅
Q4: Webex meeting quality (video/audio)
• Excellent: 54 (69%)
• Good: 20 (26%)
• Fair: 3 (4%)
• Poor: 1 (1%)
Average Score: 4.63/5.0 ✅
Q5: Wireless vs wired preference (future)
• Strongly Prefer Wireless: 58 (74%)
• Prefer Wireless: 16 (21%)
• No Preference: 3 (4%)
• Prefer Wired: 1 (1%)
Wireless Preference: 95% ✅ (target: >70%)
Q6: Desk flexibility (cable-free workspace)
• Major Benefit: 66 (85%)
• Minor Benefit: 10 (13%)
• No Difference: 2 (2%)
Average Score: 4.82/5.0 ✅
Q7: Multi-device connectivity (laptop + tablet + phone)
• Works Flawlessly: 60 (77%)
• Works Mostly: 15 (19%)
• Some Issues: 3 (4%)
Average Score: 4.73/5.0 ✅
Q8: Roaming between desk and conference room
• Seamless: 64 (82%)
• Minor Delay (<5 sec): 11 (14%)
• Noticeable Delay (5-10 sec): 3 (4%)
Average Score: 4.78/5.0 ✅
Q9: IT support responsiveness (WiFi issues)
• Very Responsive: 48 (62%)
• Responsive: 24 (31%)
• Neutral: 5 (6%)
• Unresponsive: 1 (1%)
Average Score: 4.54/5.0 ✅
Q10: Recommend WiFi 7 to other floors/sites?
• Definitely Yes: 62 (79%)
• Probably Yes: 13 (17%)
• Maybe: 2 (3%)
• No: 1 (1%)
Recommendation Rate: 96% ✅ (Definitely + Probably Yes)
Open-Ended Feedback (Top 3 Positive):
1. "No more cable clutter, desk is so much cleaner" (68% mentioned)
2. "WiFi is faster than my old wired connection, very impressed" (52%)
3. "Can walk to meeting room without unplugging, seamless" (41%)
Open-Ended Feedback (Top 3 Negative):
1. "Occasional brief disconnection (1-2 seconds), rare" (8% mentioned)
2. "WiFi slower in far corner office (near elevator)" (5%)
3. "Preferred wired for large file transfers (psychological)" (3%)
Test Results Summary:
Overall Satisfaction: 92% ✅ (target: >90%)
Wireless Preference: 95% ✅
Recommendation Rate: 96% ✅
Average Score (All Questions): 4.66/5.0 ✅
Key Insights:
✓ Executives overwhelmingly prefer wireless
✓ Performance exceeds expectations (faster than wired 1G)
✓ Cable-free workspace highly valued (85% cite as major benefit)
✓ Minor issues (8% report occasional disconnections) acceptable
Issues: Minor (8% occasional disconnections, investigating)
Remediation: Add 2 APs in far corners (Week 17, Phase 5B)
Sign-Off: Project Manager (Tom Harris), Executive Sponsor (CTO)
14.7 Testing Summary & Acceptance Criteria¶
14.7.1 Phase 5A Pilot Acceptance Criteria¶
Go/No-Go Decision Matrix (Week 16):
Acceptance Criteria (All Must Pass for Phase 5B Approval):
1. Functional Testing: ✅ PASS
✓ SSID connectivity: 100% success rate
✓ MLO functionality: Validated (4.2ms failover, 0 packet loss)
✓ Roaming: 32ms roaming time (802.11r fast transition)
2. Performance Testing: ✅ PASS
✓ Throughput: 4.47 Gbps average (target: >4 Gbps)
✓ Latency: 9.3ms average (target: <10ms)
✓ Reliability: 99.9% uptime (24-hour stability test)
3. Interoperability Testing: ✅ PASS
✓ Client compatibility: 100% (20 device types tested)
✓ Backward compatibility: WiFi 5/6 clients work correctly
4. Security Testing: ✅ PASS
✓ SGACL enforcement: 100% (5/5 scenarios passed)
✓ Penetration testing: 0 critical vulnerabilities
✓ Minor recommendations: ARP inspection, DHCP snooping (P3/P4)
5. User Acceptance Testing: ✅ PASS
✓ Executive satisfaction: 92% (target: >90%)
✓ Wireless preference: 95% (target: >70%)
✓ Recommendation rate: 96%
Overall Assessment: ✅ ALL CRITERIA MET
Decision: ✅ APPROVED TO PROCEED TO PHASE 5B (WAVE 1)
Approval Signatures:
• CTO (Executive Sponsor): _____________ Date: _______
• Network Architect: _____________ Date: _______
• Security Architect: _____________ Date: _______
• Project Manager: _____________ Date: _______
14.7.2 Lessons Learned (Testing)¶
Key Testing Insights:
1. Predictive RF Modeling Is Reliable
• Ekahau predictive survey: 97% coverage
• Actual validation: 97% coverage (perfect match)
• Lesson: Trust predictive tools, but always validate post-deployment
2. iPerf3 Testing Requires Multiple Streams
• Single stream: 2.8 Gbps (TCP window limitation)
• 4 parallel streams: 4.5 Gbps (saturates link)
• Lesson: Use -P 4 flag in iPerf3 for accurate WiFi 7 testing
3. MLO Failover Is Truly Seamless
• Expected: <10ms failover
• Actual: 4.2ms, 0 packets lost
• Lesson: MLO is production-ready, marketing claims validated
4. User Satisfaction Correlates with RSSI
• RSSI >-65 dBm: 95% satisfaction
• RSSI -65 to -70 dBm: 85% satisfaction
• RSSI <-70 dBm: 60% satisfaction (complaints)
• Lesson: Dense AP deployment justified (1 per 1,333 sq ft)
5. Security Testing Identifies "Hygiene" Issues
• No critical vulnerabilities found
• Minor issues: ARP inspection, DHCP snooping (simple fixes)
• Lesson: WiFi 7 + WPA3 + 802.1X is inherently secure
6. UAT Surveys Provide Valuable Insights
• Open-ended feedback: "Cable-free workspace" most-cited benefit
• Quantitative: 92% satisfaction
• Lesson: Both quantitative + qualitative data essential
7. Regression Testing After AP Additions
• Added 2 APs (MUM-F6-AP16, AP17) after pilot
• Re-ran performance tests (validation)
• Result: Coverage improved 97% → 99%
• Lesson: Always re-test after infrastructure changes