I have often been asked what free network monitoring tools I would recommend. With the vastness of the Internet against us in our search for free network monitoring tools, and since this is such a frequently asked question, I thought I would dedicate a post to showcase some free network monitoring tools I’d recommend.

Free Network Monitoring Toolsnetwork_monitoring_tools

  1. Scrutinizer Incident Response System: While most people believe that Scrutinizer is a paid commercial NetFlow/IPFIX analyzer, it is actually a free solution with options to upgrade for added historical reporting and flow analytics. When you first download you’ll start a 14-day trial period of these additional features. If they’re not features that you need, you can continue to use the free version indefinitely.
  2. Flowalyzer: Flowalyzer is a NetFlow and sFlow Tool Kit for testing and configuring hardware or software for sending and receiving NetFlow and sFlow data. Flowalyzer can help IT professionals troubleshoot hardware from vendors like Cisco, as well as NetFlow collector software, ensuring that whichever flow technology they use it is configured properly on both ends.
  3. IPFIXify: IPFIXify receives, formats, and exports massive volumes of valuable system health data generated by complex IT infrastructures (be they physical, virtual or in the cloud).
  4. Getif: Per their website, “Getif is a free multi-functional Windows GUI based Network Tool written by Philippe Simonet.  It is amongst other things, an excellent SNMP tool that allows you to collect and graph information from SNMP devices.  These devices include (but are by no means limited to) Windows 2000 (using the SNMP4NT or SNMP4W2K or SNMP-Informant extension agents, of course!), and other OS’s as well as devices manufactured by most major network companies (i.e. Cisco, 3COM, Dlink, Nokia, etc., etc.).”
  5. STG: While primarily developed for making an SNMP connection to, and monitoring input and output traffic on a router, STG can be adapted to connect to almost any SNMP OID and track other metrics.
  6. Wireshark: By far one of the most useful network monitoring solutions, Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. If you are new to using Wireshark, I recommend their DisplayFilters Display Filter document. It will provide you with a good start to searching through your packets.
  7. Nmap: Nmap is a free and open source utility for network discovery and security auditing. By using Nmap, network professionals can quickly discover open ports and other security vulnerabilities on the network. To complete a full scan, including UDP ports, you can use a command like nmap -sS -sU -T4 -A -v 
  8. Zenmap: Zenmap is actually the graphical user interface (GUI) for Nmap. It allows you to complete the same commands you would via the command line application, but in a way that is more easily understood. I highly recommend if you’re using a Windows OS. By the way, the command I provided for Nmap can also be pasted into Zenmap. Zenmap also provides some predefined commands out of the box, so no experience is needed.
  9. DNSQuerySniffer: If you’re interested in something fun and want to learn how your client is leveraging DNS, I recommend DNSQuerySniffer. It allows you to observe DNS traffic created by your own computer each time you make a connection to the Internet.

While this, of course, is only a small list of options for network professionals, I hope this will help you make the most of your network and keep it secure. If you have any questions about network monitoring, give our support team a call, they’ll be happy to help you out.


Justin Jett is Director of Audit and Compliance at Plixer with roles ranging from system administration of web services to technical product marketing for Plixer’s incident response system, Scrutinizer. Jett, a graduate of the University of Maine at Farmington, is an avid learner of all things security, with a particular interest in TLS and DNS attacks.