To summarise, the web interface can run on anything that will service PHP
My-SQL can run on the same box as the web interface, or on an entirely separate box. Anything which will run MySQL will do.
NMAP (optional, only used to find non windows devices on your LAN) and HFNETCHECK (Also optional, only used to find out what is NOT up to date in Windows) and the Audit.vbs script (which does all of the hard work) must all be run from a windows machine, however his can be any machine so long as the user running the application has sufficient privs. to see the resources being audited or checked. So for example a non admin user generally cannot administer WMI and therefore may not be able to perform a domain audit.
One final point, if you are attempting to audit machines and you have a firewall on the machines being audited, you must configure it to allow remote WMI to be seen.
(Most if not all of this is covered elsewhere in these posts, have a read through particularly the support forum).