The inventory functionality in the MAP Toolkit is designed to have the smallest possible impact on network performance, the performance of computers being inventoried, and network security.

Performance

The network impact when running an inventory is an estimated 512KB to 1MB per machine inventoried over the network. The main source of the variance is due to the number of items in the MSI database per machine (how many applications installed, how many patches, and so on).

When running a performance metrics collection, the amount of data collected is about 2MB per machine monitored initially and about 18-20KB every 5 minutes per machine monitored. Note that an inventory of each machine targeted for performance metrics collection will be performed if that machine has not been previously inventoried in the database being used by MAP.

On the computers being inventoried, CPU utilization rises up to 15 percent for less than 20 seconds. The wizard can be configured to scan all computers found in a domain or computers found in user-selected organization units (OUs), containers, or domains. If some of the computers in the domain are in branch offices across slow network links, inventory should not be completed during business hours. Even though the amount of network utilization is low, inventory increases utilization of the network connection.

Security

To reduce impact on network security, the MAP tool takes the following precautions:

·         All domain accounts used during inventory must be validated in the wizard before the inventory and assessment begins.

·         None of the credentials provided to the MAP tool are saved to the database or a hard drive. Credentials are encrypted in RAM and discarded as soon as the tool closes.

·         Communication between the computer performing the inventory and the computer being inventoried is encrypted.

·         The SQL Server® 2012 Express LocalDBEdition instance is configured, by default, not to allow connections from remote computers.

·         SQL Server® authentication is disabled in the SQL Server® 2008 R2 database instance. Only local administrators have access to the installed instance.

·         The wizard can only be run by a user who is an Administrator on the computer on which the MAP Toolkit is installed.