Is CDD safe to run in production environment?
CDD is designed to use minimum system resources throughout a scan keeping in mind that most customers will use it on live production systems which cannot be taken offline or suffer scheduled downtime.
This article describes the primary aspects of how a scan is performed and the resources that are relied upon including what aspects may impact a scans performance.
Following are some of the resources that play an important role in scanning:
CPU – The CPU will be used throughout a scan to read the contents of each file to search for the card data in the contents. By default CDD scanner executable runs in Low Priority mode ensuring any other applications requiring CPU will be given priority which eliminates the likelihood of high CPU consumption.
Memory – Memory is used by the scanner executable throughout a scan to temporarily store data being read from disk. CDD has been designed with the ability to read files of any size without excessive memory usage. This means in the event a single file is 50GB+ in size, the file will be incrementally read in small chunks to minimize the amount of memory consumed.
Disk – This is one of the important factor that will determine the speed of a scan. Disk IO is the speed at which data can be read from a disk by the tool when attempting to search for the cardholder data. While scanning tool opens the every file in read mode to read the content and search for the data. The disk IO will increase and decrease throughout a scan depending on complexity and size of each file being scanned.
Network Speed – The File Share based scans is one of the simplest scans to run but it also has the potential to generate a significant amount of network I/O. CDD uses simple Windows based networking, just like you would “map” the file share to a drive, CDD does the same. When you access a file on any mapped drive in Windows, the file is copied over the network by Windows before it can be accessed this is a default windows behavior. CDD doesn’t do anything else but use Windows networking to access and scan the file.
In case of Domain and Exchange scanning the scanner executable actually runs on the target machine and CDD only copies the result files over the network to scanner machine which uses the very less bandwidth.
File Types – Certain type of file takes longer time for scanning because of the complex nature of data. for e.g. ZIP, XLSX, PST, TAR and PDF take more time because of the Decoding/Extracting overhead associated with this type of files.
Leave a Reply!
You must be logged in to post a comment.