TrustRadius: an HG Insights company

Nmap

Score8.4 out of 10

47 Reviews and Ratings

Get a Demo

What is Nmap?

Nmap is a free, open source network discovery, mapper, and security auditing software. Its core features include port scanning identifying unknown devices, testing for security vulnerabilities, and identifying network issues.

Categories & Use Cases

Key Features

Learn about the best (and worst!) features Nmap has to offer, as determined by TrustRadius' reviewers.
Based on 47 ratings of Nmap's features
View all features

Top Performing Features

  • Network monitoring

    Monitoring network device availability and performance indicators like bandwidth, packet loss, CPU, WAN links, etc.

    Category average: 9.4

  • Network mapping

    Dynamic mapping tool allows the network topology to be mapped showing performance metrics, and link connection and utilization

    Category average: 8.7

  • Baseline threshold calculation

    Calculation of baseline thresholds so to establish warning thresholds

    Category average: 8.4

Areas for Improvement

  • Packet capture analysis

    Interception of data packets provides performance-related information such as network and application response times, and traffic type analysis

    Category average: 7.2

  • Wireless infrastructure monitoring

    Ability to monitor wireless access points, controllers, and connected clients

    Category average: 7.5

  • Customizable reports

    Ability to schedule, generate, and deliver custom performance and availability reports

    Category average: 7.9

Reviews

What users are saying about Nmap.
View all reviews

Nmap is the best of breed for network mapping tools

Incentivized
Verified User
Contributor in Information Technology (5001-10,000 employees employees)

Use Cases and Deployment Scope

We use Nmap to help troubleshoot networking issues, run internal purple team events, and identify operating systems and open ports. During purple team events we use Nmap to run some exploits on systems to make sure they are not suspectable to the particular exploits. Externally, we perform scans to verify ports that are exposed to the internet. Sometimes we use it to see what systems are on a particular segment of our network.

Pros

  • Nmap is very good at discovering systems on your network.
  • Nmap is very good at guessing a systems operating system with a high degree of accuracy.
  • Nmap is good at validating externally facing systems to make sure that unauthorized access is not allowed.

Cons

  • The GUI version on Nmap could use some improvement with the options that are available to do scans. For example, they could make it easier to select options for the different types of scanning for people who are beginners
  • There are no abilities to schedule a scan in the Nmap tool.
  • An intensive scan sometimes takes too much time to complete.

Return on Investment

  • Nmap is a part of other tools that I use and it give a high return on investment in the vulnerability management area.
  • It is very accurate with the information it provides. I would say more than 98% of the times Nmap is spot on the information it provides once validated.

Usability

Other Software Used

Microsoft Teams, Microsoft Defender for Cloud Apps, Microsoft Defender for Cloud

Complete networking tool for any sysadmin or network tester

Incentivized
Dylan EikelenboomView profile
Security Officer in Information Technology at IXON Cloud (51-200 employees employees)

Pros

  • It is open source, so you can verify how it works
  • It is very extensive, with lots of advanced networking features
  • It is very lightweight and easy to start up

Cons

  • The learning curve is quite steep
  • On Windows, not all functions are available
  • If you do not limit your scan range, a command can take a really long time to complete

Most Important Features

  • Checking network cybersecurity compliance
  • Troubleshooting network problems
  • Auditing for security vulnerabilities

Return on Investment

  • Technical support can use this to streamline customer problems much quicker
  • Software development use this to make sure all new release are up to security compliance standards
  • Security uses this to test for new vulnerabilities

Other Software Used

GitLab, Icinga, Docker

General review of Nmap

Incentivized
Mike NostromView profile
Senior Systems Software Specialist in Information Technology at Delaware Department of Health & Social Services (10,001+ employees employees)

Pros

  • Nmap is fast and flexible, It allows me to perform custom scan across my network(s)
  • Nmap provides crucial OS information when possible
  • comes in GUI and command-line versions
  • allows me to scan individual IP, ranges and full subnets
  • The ability to throttle the scan progress helps me to avoid triggering alarms

Cons

  • exporting, There's a serious lack of ability to export the information in a readable format to present to VPs and such. I always find myself doing a lot of data massaging to get it in a pretty format
  • some scans can trigger sensitive IDS/IPS
  • SYN scans can be particularly aggressive and cause problems on remote systems.

Most Important Features

  • fast
  • flexible
  • customizable

Return on Investment

  • Nmap is free. Its all profit baby!
  • Nmap has allowed up to be able to perform tasks for free which allows us to save $$ for other projects

Other Software Used

SolarWinds Network Performance Monitor (NPM), SolarWinds Virtualization Manager (VMAN), vRealize Operations

Nmap is the basis for all other scanners

Incentivized
Greg Madden, CISSPView profile
Cybersecurity Consultant in Information Technology at Kraken Security Consulting (51-200 employees employees)

Pros

  • Nmap is great at finding live hosts on the network
  • Nmap is great for teaching new cyber specialist how network reconnaissance works
  • Nmap is built into every major recon tool on the market, it just works when it comes to scanning

Cons

  • There could be more built in tools for further vulnerability scanning
  • command line Nmap should store recent scans automatically
  • More detail in the help menu for what some of the triggers actually do

Most Important Features

  • Subnet scans
  • Zenmaps GUI
  • Simplicity of command structure

Return on Investment

  • Drastically sped up network discovery
  • Decreased initial target acquisition time in pen testing
  • Identified issues within our own environment with open ports

Other Software Used

Nessus, KnowBe4 Security Awareness Training, PDQ Deploy

The best hacking tool you will ever need!

Incentivized
Alan Matson, CCNA:S, MCPView profile
Sr. Network Security Engineer in Information Technology at Insight (5001-10,000 employees employees)

Pros

  • Very user-intuitive.
  • Built-in scripts allow for vulnerability testing.

Cons

  • Better GUI for ZenMap.
  • Can be difficult to learn and master.

Return on Investment

  • It is open-sourced and widely available.
  • However, learning and training can be difficult since there is no support.

Alternatives Considered

Metasploit, Nessus and Rapid7 Nexpose

Other Software Used

Nessus, Metasploit, Rapid7 Nexpose