Microsoft’s Free Security Tools – Microsoft Assessment and Planning (MAP) Toolkit

This article in our free security tools series focuses on the benefits of the Microsoft Assessment and Planning Toolkit.  If you are an IT Professional then you know platform migrations can be a daunting task.  Depending on your organization’s size, complexity and maturity, simply understanding your organization’s IT state and migration potential can take hours, days and sometimes even months.  To help ease the migration process, Microsoft has created the Microsoft Assessment and Planning (MAP) Toolkit.  The MAP Toolkit is a powerful inventory, assessment and reporting tool that can securely assess IT environments for various platform migrations.   The toolkit is designed to run in any organization regardless of size and is effective at helping to accelerate PC, server, database and cloud migration planning across heterogeneous environments.  It also provides tailored assessment proposals and recommendations, and helps gain efficiencies through multiple technology migration assessments with a single tool. 

The information this tool provides is also extremely valuable from a security perspective.  Having an inventory of what platforms exist in your environment enables IT Professionals to more quickly deploy security updates, react to security incidents, contain any issues that may arise and recover more quickly from them. 

The information MAP provides is immediately actionable.  It can help you determine what hardware can and cannot be upgraded. It also provides step by step guidance, and insight into the best strategies for achieving optimal migration results. 

The user interface provides an easy way to view concise information about your environment.    Users can navigate between different scenario groups including cloud, desktop, server, desktop virtualization, database, server virtualization, usage tracking and environment.  On the scenario group page there is a list of tiles that each represent a scenario in MAP.  The information on each tile provides a summary of the data available in the underlying scenario.  Clicking on the tile will provide more detail and enable users to generate a readiness report.  In the example below, you can see this hypothetical organization’s readiness for Windows 8, Windows 7, Office 2010, Office 2013 and Internet Explorer Discovery.

Figure 1: Scenario group “desktop” example

This tool can also be used to identify legacy products.  Unsupported, legacy products can pose a serious security risk to an IT environment as they no longer receive new security updates for new vulnerabilities discovered. There can also be configuration issues with production systems that can cause security problems. These issues put legacy systems at risk of being compromised by attackers.  The weaknesses can expose networks to malware and attackers.  I’ve written about the increased risk from using unsupported legacy products in the past.  In the example below, the MAP toolkit identified 48 legacy servers.  

Figure 2: Scenario group “server” example

MAP is a powerful tool that can be used to help plan for Microsoft platform migrations.  The latest version of MAP includes migration assessments for Windows 8, Windows 7, Office 2010 and Office 365, Windows Server 2012 and Windows 2008 R2, SQL Server 2012, Hyper-V, Microsoft Private Cloud Fast Track, and Windows Azure.  

The MAP Toolkit is designed to ease the process in assessing platform migrations and save organizations time and money.  If you are looking for a cost effective tool to help assess your organizations migration needs, or simply to inventory and identify security risks then I encourage you to check out the Microsoft Assessment and Planning Toolkit.  For more information, check out these helpful resources:

Tim Rains
Trustworthy Computing


Read other parts of this series

Part 1:   Microsoft’s Free Security Tools – Series Introduction
Part 2:   Microsoft’s Free Security Tools – Attack Surface Analyzer
Part 3:   Microsoft’s Free Security Tools – Enhanced Mitigation Experience Toolkit

Part 4:   Microsoft’s Free Security Tools – BinScope Binary Analyzer

Part 5:   Microsoft’s Free Security Tools – Threat Modeling 
Part 6:   Microsoft’s Free Security Tools – banned.h
Part 7:   Microsoft’s Free Security Tools – Windows Defender Offline
Part 8:   Microsoft’s Free Security Tools – Portqry
Part 9:   Microsoft’s Free Security Tools – Summary
Part 10: Microsoft’s Free Security Tools – Microsoft Baseline Security Analyzer
Part 11: Microsoft’s Free Security Tools – Microsoft Safety Scanner
Part 12: Microsoft’s Free Security Tools – Anti-Cross-Site Scripting Library
Part 13: Microsoft’s Free Security Tools – Microsoft Security Compliance Manager Tool
Part 14: Microsoft’s Free Security Tools – URLScan Security Tool
Part 15: Microsoft’s Free Security Tools – Microsoft Assessment and Planning Toolkit



About the Author
Tim Rains

Chief Security Advisor, Microsoft Worldwide Cybersecurity & Data Protection

Tim Rains is Chief Security Advisor of Microsoft’s Worldwide Cybersecurity & Data Protection group where he helps Microsoft’s enterprise customers with cybersecurity strategy and planning. Formerly, Tim was Director Cybersecurity & Cloud Strategy in Trustworthy Computing at Microsoft, where he Read more »