Things to know about licensing and potential scanning issues.


  • When you designate Scan Points, you are installing Nmap and Npcap. The Nmap security scanner and Npcap packet capture library are used within BigFix under license from Insecure.Com LLC (The Nmap Project).
  • Nmap is distributed as a .zip file. To extract it, BigFix temporarily downloads and uses Info-Zip's decompression tool. Info-Zip is an open-source decompression utility. For more information about Info-Zip, see

Potential scanning issues

  • Network scans might trigger Intrusion Detection Systems. To minimize this possibility, set the Nmap scanning mode to 0 ('Paranoid'), or modify your IDS to allow Nmap scans. This might cause scans to take longer.
  • Network scans might cause certain legacy network devices, such as old network printer devices, to fail if scanned.
  • Network scans might cause personal firewalls to advise you that a computer is scanning the local computer. Modify your firewall to allow Nmap scans.
  • Nmap is sometimes flagged by virus scanners as a potentially harmful tool. Ensure that your virus scanner is not set to block Nmap from running.
  • If you set Nmap to scan a very large network, it might take several hours and consume significant bandwidth during the scan. The default scan is the local Class C network, which is usually a fast LAN. It is not recommended that you scan large networks across the WAN with this tool.
  • Using Nmap to scan is typically a very safe operation, but there may be issues specific to your organization that must be addressed. Obtain the appropriate authorization from your network team before proceeding.
  • The scan point name cannot include any non-ASCII characters. Any non-ASCII character might result in unmanaged assets not being found when a non master operator runs "By Scan Point", or it fails to upload the scanning report to the BigFix server.