Nmap Reviews

40 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.5 out of 100

Do you work for this company? Learn how we help vendors

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-20 of 20)

Companies can't remove reviews or game the system. Here's why.
April 30, 2021
Dylan Eikelenboom | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
For our organisation, we use Nmap on a weekly basis, especially in the technical departments (IT development, technical support), primarily for network troubleshooting purposes; We use it to identify network problems, see the route our network messages take geographically, and more. It is quite extensive, and I can say that after a couple of years of use, I am still sometimes surprised about new features I didn't know existed. Lately I have used it quite alot for verifying the encryption settings of our websites (TLS versions, ciphers, SSL certificates), to make sure it is up to our cybersecurity standards.
  • It is open source, so you can verify how it works
  • It is very extensive, with lots of advanced networking features
  • It is very lightweight and easy to start up
  • The learning curve is quite steep
  • On Windows, not all functions are available
  • If you do not limit your scan range, a command can take a really long time to complete
Nmap is the ideal solution if you are working alot in network environments. If you come to grips with the syntax and the most-used features (the online community helps alot), you will be able to much more quickly and thoroughly troubleshoot networks or check for security vulnerabilities, for instance. It is free to use and is available for Windows and Linux, so I would say it is very much warrented for any network administrator or sysadmin to take it out for a spin.
Read Dylan Eikelenboom's full review
April 29, 2021
Mike Nostrom | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We are generally using Nmap to scan our network segments for lost machines, open ports and vulnerabilities. There are several others that have used it but I am generally the only one to perform large scans.
  • Nmap is fast and flexible, It allows me to perform custom scan across my network(s)
  • Nmap provides crucial OS information when possible
  • comes in GUI and command-line versions
  • allows me to scan individual IP, ranges and full subnets
  • The ability to throttle the scan progress helps me to avoid triggering alarms
  • exporting, There's a serious lack of ability to export the information in a readable format to present to VPs and such. I always find myself doing a lot of data massaging to get it in a pretty format
  • some scans can trigger sensitive IDS/IPS
  • SYN scans can be particularly aggressive and cause problems on remote systems.
Nmap has helped us perform scans of our network to track down lost computers. In this virtual world it is easy to lose a physical box. Nmap has helped up find these lost machine and add appropriate monitoring tools on them. Nmap has also been crucial to find machines for Windows Operating system end of life project. Scanning machine and obtaining OS version is crucial for our Windows decom project.

Exporting the results from these scans do not always format nicely when imported into spreadsheet programs. much data manipulation is required.
Read Mike Nostrom's full review
April 13, 2021
Greg Madden, CISSP | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Nmap to do internal vulnerability testing and identifying holes in network security. The most common use case for me is to use Nmap to identify running services on devices to spot potential weaknesses in firewall rules or router rules. Many employees are familiar with Nmap and use it as well. It helps us identify problems quickly in new environments before we move to vulnerability scanning.
  • Nmap is great at finding live hosts on the network
  • Nmap is great for teaching new cyber specialist how network reconnaissance works
  • Nmap is built into every major recon tool on the market, it just works when it comes to scanning
  • There could be more built in tools for further vulnerability scanning
  • command line Nmap should store recent scans automatically
  • More detail in the help menu for what some of the triggers actually do
One of Nmaps strongest skills is the ability to gather initial evidence about networks to begin narrowing down target windows. Nmap can scan entire subnets and find only live hosts and then more intensively scan the live hosts to help identify which ones have the most vulnerable services or open ports. It is not suited for actual exploitation, just the initial steps
Read Greg Madden, CISSP's full review
May 01, 2021
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Nmap is one of those long-standing tools that everyone turns to when they need to scan a network for devices, services, open ports, etc. In our company, it gets used regularly for troubleshooting, auditing, and general tinkering. I'm not sure what we would use in place of it, because there's never been a reason to look elsewhere. It's been around since the 90's and it's always to hand!
  • Comprehensive port scanning of both TCP and UDP ports.
  • Clever 'interrogation' of services listening on open ports. It will use all sorts of techniques to try and work out what service is listening on a port, and potentially even version and host information, etc.
  • Very configurable. You can choose exactly what you want to scan for, limit to port ranges, protocols, IPs, etc.
  • Very scriptable. Being a command-line utility (check out Zenmap if you want a GUI), you can call it from your own scripts, automation pipelines, etc.
  • Not a problem with Nmap, per se, but the related Zenmap GUI could do with some love! It does the job perfectly well so I shouldn't complain, but it would benefit from a modern makeover.
If you're a sysadmin, or anyone who's had to deploy network services, you've almost certainly had to use Nmap at some point or other. Need to see what devices are on your LAN? Nmap can tell you that. Want to check which ports your web server has open to the internet? Nmap is your friend.

Nmap is a powerful command-line tool and has many options that require some reading of documentation to get the best out of (although generally straightforward). If the thought of working at the command-line scares you (presumably not if you're reading this review), then you may want a much simpler tool, or at least check out Zenmap GUI.
Read this authenticated review
April 30, 2021
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Nmap is pivotal in anyone in the networking and security space. This works on all operating systems and is very simple, but versatile. In my area, we use this often to see what ports and protocols are being used, what are open, auditing, testing, etc. Every vulnerability tool has Nmap built into it for the product. Often, when I have minimal time or access, Nmap is very useful.
  • Scanning multiple IPs for open ports
  • very lightweight and not heavy
  • First step in auditing, pentesting, etc.
  • Bit of a learning curve
  • Syntax can be confusing
Often, when we get a new service or api or endpoint created, we like to check it out and verify network settings upon creation. Especially if there are ports open that we don't need or want depending on internal classification.
Also, when we set up a new product or do a proof-of-concept of a software we're looking into, we like to scan it and see what ports may be used and open and then bring it up with our sales engineers.
Read this authenticated review
April 29, 2021
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Nmap in our CyberSecurity department to detect different machines and software version in our clients' networks. It helps us to analyze easily the network topology of the network and detect misconfigurations or deprecated software. In that case, we can conduct remediations to patch the machines and improve security.
  • Ease of use
  • Completeness
  • Good interface
  • Lots of options
  • Curve of learning
  • Fluent design
  • Better docs
Nmap is well suited to analyze a new network of which you don't have info, because you can find configurations, OS and software versions, and moreover. Nevertheless, I wouldn't use Nmap in certain environments, like OT, because you can interact with the processes. Besides, if you have a full knowledge of the nerwork, it won't be useful.
Read this authenticated review
February 13, 2020
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Nmap to both scan our network from time to time as well as to validate scan results from other platforms such as Nessus or Nexpose. One of the perks of NMAP is the built-in scrips that not only will look for weaknesses but also validate them by performing the exploit to see if the vulnerability can be exploited or not.
  • Very user-intuitive.
  • Built-in scripts allow for vulnerability testing.
  • Better GUI for ZenMap.
  • Can be difficult to learn and master.
As a blue/red team member, NMAP is crucial to my day and I would highly recommend it to other users needing the same type of tool for scanning. This tool is a key program to use for enumeration and port-scanning a network. One of the caveats though is if you do not have network connectivity then this tool will not be able to provide any results.
There is a very large support community and a robust selection of add-ons and scripts. Once you get the use down this is one of the most powerful tools and you can find anything you are looking for as far as examples on the web. While not having official support its not lacking by any means.
Read Alan Matson, CCNA:S, MCP's full review
February 27, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
It's only being used by our IS department. Mainly for scanning of open ports on devices. Looking for possible security holes using Nmap's scripting engine.
  • Open/Closed ports.
  • OS detection.
  • I would it say it's hard for new people using it as the there are too many switches.
  • Better/faster udp scanning. I know that udp is best effort but something better would be great instead of waiting for timeouts.
Powerful for such a small application. Easy to install on Linux, if not a default app that's is already installed. If you need a quick scan of a network for up/down hosts and there IP address/name it's great.

If you get into OS detection and mass port scanning of a large network it does slow down a far bit.
Great product. Can't beat free with a lot of front ends and some expandability.
Read this authenticated review
October 04, 2019
Peter Paccione | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Nmap is a tool that I would say is always required in network testing. It's literally the first step to enumerating a network host. It's also extremely useful for non intrusive testing as well. I would use Nmap before I use any other major scanner just to get a good idea of the open ports, then I would nail those with another test.
  • Enumeration
  • Port Scanning
  • Network scans
  • Vulnerability checks
  • They do not make modules fast enough! More more more!
Nmap should be used in any network environment, but can even be used to scan the local host. There are a myriad of uses for it though, I frequently use it when deploying cloud servers to audit ports, or check if traffic is getting through. I also use it to audit my own firewall, just to ensure the correct ports are opened and closed.
I am not sure they have customer support, as they are a free and open source tool. But since this is a question, I would say the community does a really good job at maintaining the tool itself. New features are always added. And if you have an issue with the tool, you can always post a bug on github
Read Peter Paccione's full review
September 25, 2019
Zishan ali | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Nmap is an network mapper which is used for finding the open ports in the network and also we can find the vulnerability in the network infrastructure. We've been using Nmap in our organisation since for 1.3 years. It is a very useful tool that I use for scanning and exploiting the latest vulnerability from the network and also we can find the open ports in the network devices.
  • Nmap is an network mapper
  • Finding the open ports is very easy using the Nmap
  • I recommended this tool all the other employees .
  • If there is no network we cannot use this tool
  • I recommended to use this tool
Nmap is well suited for every network device. We use this tool to find the open ports.
Its useful tool for network engineers and cyber security engineers where they used for finding the open ports.
Read Zishan ali's full review
October 07, 2019
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
NMap is used both by my department and other departments within our IT section. In particular, the network engineering department uses it to identify end-hosts that may be unauthorized to be on our network, while the security department uses it to assess the threats of different hosts within the enterprise network.
  • Highly accurate endpoint identification
  • Vulnerability scanning is detailed and clear.
  • Easily scripted and analyzed
  • CLI only; there is an unofficial graphical interface (but it isn't too great)
  • Not supported by a vendor
  • Somewhat steep learning curve
NMap is well suited to any environment that requires vulnerability scanning or endpoint identification. The application is free to use and well-documented. Any network that has technicians capable of running and interpreting scans would benefit from installing NMap. The only reason I wouldn't recommend NMap would be a scenario in which the users didn't have the capability to run or interpret the output of the application.
NMap doesn't really have support out there. There is fantastic documentation on it located at the NMap website, but no support to speak of. In this facet, another application may be a better fit for most organizations, at least if there is a support requirement to run the application. The good news is that Nmap doesn't cost money, so if it doesn't work for you and you can't find support, you'll be no worse off than when you started.
Read this authenticated review
October 03, 2019
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use it to maintain PCI compliance by checking ports, by testing firewall rules, and to double-check what we see connected to the network. It's a great tool to identify unintended changes or open ports, or to verify our third-party scanner reports one way or the other.
  • Detects open ports
  • IDs hosts
  • Checking firewall rules
  • Maybe take some of the features of Zenmap and bake them in?
  • Include fancy extra graphical results charts or graphs or something to show people who you want to convey info too but have no idea what Nmap is actually doing.
  • I don't really think I'd change a lot actually.
If you get an email saying your organization has failed its PCI scan because of a service running on a specific port that is a known port, say port 500 for a tunnel or something, and they want you to justify why port 500 is open, but you never opened port 500, you can use Nmap to check that. It's awesome in that role.
The best support for it is its webpage which has more than enough information to get you going, however, there are also a million or so youtube videos, etc., so that if you are familiar with the basic ideas, you can easily get up and running with just a little work.
Read this authenticated review
July 31, 2019
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
It is being used in the IT department for network monitoring. It addresses a wide range of problems, testing device security, identifying unknown devices, and mapping the existing network.
  • Network monitoring
  • Port Scanning
  • Service enumeration.
  • It works perfectly as it is where features are concerned. If it is combined with Zenmap for those preferring a GUI, it's invaluable.
As a new Network Admin coming into a network with virtually no documentation at the workstation OR server level, Nmap was the perfect starting point to get some idea of the types of devices on the network, the services they were running, and how they were configured at the port level.
Read this authenticated review
November 05, 2019
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Nmap is THE tool to use for network monitoring. Though as a Technical Security Officer I do not do any penetration tests myself, I do the occasional scan with Nmap to check for servers and/or services. With its huge amount of options you can scan your network in any way you like.
  • It's quick (and depending on the options and your preferences for scanning can be made to run even quicker)
  • Huge amount of options
  • User community support is ubiquitous
  • Hardly anything to mention
Very well suited for anyone wanting to scan their network (with permission if required!). Being a command line tool you need some knowledge, so not for a beginner.
User supported community support is outstanding. As the tool is so ubiquitous, any question you might have can be answered very quickly by one of your peers (or anyone else).
Read this authenticated review
October 09, 2019
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Nmap in our IT operations for troubleshooting network issues and improving network performance. It's great for security testing and mapping your network infrastructure.
  • Open port scanning is a great tool to ensure your internal and external networks are secured.
  • being able to identify endpoints and ensuring they are configured correctly.
  • Great to be able to script within NMAP. It truly can be tailored to your exact needs
  • Wish it had a gui and a better UI experience.
  • Even though it's free an enterprise support option would be great.
Nmap is great at finding out the weak points within your internal and external network. Being able to find out exactly what devices are on your internal network is a great asset to securing your network from internal threats.
Nmap is completely free and has a vast array of configurations that it can perform. Nmap is a great tool to secure your internal and external network from most common threats. I would highly recommend it, anyone, that it's the IT infrastructure field.
Read this authenticated review
September 18, 2019
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use it only on the IT department to make intensive scans on the network for troubleshooting purpose and to find anomalies.
  • The GUI is very helpful for those that don't like the classic way.
  • Intensive Scan, Ping and port scans
  • Make a little topology of the Host found.
  • Does not work all the time depending on the network and the security on it.
Is a powerful tool, but be careful not to make too many flood and SYN floods using this software. It can scan a lot of things and it can decrease performance on other device in the network.
I don't own a support with them and I have never opened any case with them. I can't give a rate on this.
Read this authenticated review
February 07, 2019
Demitri Pevzner | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
The software is used by me personally. Currently, I use Nmap to sweep LANs to determine if any rogue devices are connected. Additionally, any unknown items can be port scanned, and present services determined. Similarly, for security testing, vulnerabilities of specific VMs can be discovered using NSE scripts.
  • Scans for open ports, giving you the option of how aggressively or lightly to scan.
  • Can help determine which OS and services are running on a device, again, giving the option of how aggressively to scan a device.
  • There is something of a learning curve in using the tool. A number of shortcuts and GUI options are available in Zenmap to simplify the process, but perhaps a more visual interface can help simplify the selection process prior to executing the Nmap command.
I would say it excels in network sweeps for either inventory or footprinting. Very easy, intuitive, and the GUI does simplify the process considerably. I would say some of the more complex NSE scripts for finding holes in network security could be done a bit better, but for what it is, it is an excellent tool.
Read Demitri Pevzner's full review
February 02, 2019
Roger Mialkowski | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Nmap several times per week to assist applications teams that aren't familiar with a new/existing software package they are tasked to support. This is necessary because we have firewalls that require explicit rules to allow the applications to communicate on the network. Often the applications teams do not know the software they are supporting on that intricate level. Nmap helps us determine exactly how the application talks on the network.
  • Nmap has a unique process of fingerprinting applications/devices to help us identify their communications patterns quicker.
  • Nmap can be used for network auditing by specifying whole subnets that you would like to scan for open/closed ports.
  • Nmap has a diverse presence and can be used from most operating systems.
  • Since Nmap is a free software, new and updated versions don't pop up regularly. It's rather complete as it is, but technologies advance quickly and it would benefit NMAP to try to keep up.
  • Nmap is currently offered as graphical and command line programs. Not sure if a web-based version would be something the developers would consider.
  • Nmap does not appear to offer commercial support so you are at the mercy of the community and developers if you have a particular problem you need to find a resolution for in a short amount of time.
Nmap is great for any person in IT that supports applications, computers, servers, network gear, printers. It can help pinpoint whether or not there is network communication available at a particular port or range of ports. It is perfect for finding open ports that should really be closed/firewalled.
Read Roger Mialkowski's full review
August 29, 2018
Kenneth Hess | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
All of IT and Security uses NMap to scan systems for rogue or non-approved open ports. We also scan to be sure there are no non-approved operating systems, such as Windows XP or Vista on the network. I also use it to check open port service versions. In other words, I need to be sure that systems running an SSH server, for example, have the latest or the most secure version of the software. NMap helps us keep our systems secure. A periodic network sweep with it also keeps us updated on any new systems attached to the network and exactly what they're running. It provides a snapshot inventory, as well as, the security information. Any suspect systems can be intensely scanned and physically located for further investigation.
  • NMap provides a very fast and a very thorough network "sweep" that allows you to quickly map out exactly what's on your network.
  • NMap is highly configurable. The "canned" choices are very good in most instances, but using various switches and options, you can create a very specific scan and get exactly the results you're looking for.
  • NMap is easy to use. Even a new administrator will be able to use the graphical version (Zenmap) with efficiency right away.
  • Running stealthier scans would be a bonus. Current scans are pretty noisy.
  • Scans run fast, which sometimes can make it look like a system is being attacked. There is a slow, comprehensive scan option, though.
  • NMap scripts are written in Lua, which is not a mainstream language.
NMap is well suited to just about any situation, network size, or complexity. Some have brought up the point that NMap's proxy settings need work. I haven't used NMap with a proxy. NMap is my "go to" tool for a cursory security sweep. Once a problem is found, I can perform a deeper dive scan on a system or a network. I wouldn't, and don't, use NMap as my only security tool. No single tool has all the answers. For example, it is not a Wireshark in that it does not capture packets or analyze them. It is basically a port scanner, host discovery, OS detection tool.
Read Kenneth Hess's full review
December 03, 2018
Perry Hahn | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Nmap is utilized by me team of support engineers on a regular basis to identify devices that are on our companies network to see available IP addresses and what we can use to put static IP addresses on our equipment. Using Nmap at first is very confusing but after using it once or twice, it is easy and very helpful.
  • Nmap allows you to search IP ranges that you as the user determine
  • Nmap gives you a detailed list of utilized IP addresses in the range that you have identified
  • Nmap provides what type of device is utilizing an IP address
  • When scanning, you have to put in the exact numbers for it to scan, which can be annoying
  • Nmap is very simple and just pings IP ranges, I wish it could do more
Nmap is well suited for already situated networks when looking for open IP addresses on the network. When a new piece of equipment, such as audio visual equipment, needs to have a static IP for support purposes, Nmap allows you to scan a full IP range and find an open one for you to use.
Read Perry Hahn's full review

Feature Scorecard Summary

Automated network device discovery (13)
8.3
Network monitoring (13)
9.0
Baseline threshold calculation (7)
9.2
Alerts (4)
9.2
Network capacity planning (7)
7.3
Packet capture analysis (6)
7.1
Network mapping (18)
9.5
Customizable reports (11)
6.7
Wireless infrastructure monitoring (8)
9.1
Hardware health monitoring (5)
6.6

What is Nmap?

Nmap is a free, open source network discovery, mapper, and security auditing software. Its core features include port scanning identifying unknown devices, testing for security vulnerabilities, and identifying network issues.

Nmap Technical Details

Operating Systems: Unspecified
Mobile Application:No

Frequently Asked Questions

What is Nmap?

Nmap is a free, open source network discovery, mapper, and security auditing software. Its core features include port scanning identifying unknown devices, testing for security vulnerabilities, and identifying network issues.

What is Nmap's best feature?

Reviewers rate Network mapping highest, with a score of 9.5.

Who uses Nmap?

The most common users of Nmap are from Enterprises and the Information Technology & Services industry.