Why We Built the Netformx Docker Container the Way We Did

Hello Cisco Partners,

If you’ve been around IT long enough, you’ve probably run into Docker. It’s a powerful tool — and incredibly convenient — but like anything powerful, it comes with some caveats. Especially when it comes to security.

At Netformx, we use Docker too. But rather than just throwing something together and publishing it to Docker Hub, we took a step back and asked: How can we make this safer and easier for our users — especially in enterprise environments where security and predictability matter?

Here’s what we came up with, and why we think our container is a better fit for network assessment projects than a general-purpose image you might find online.

Trust for Docker Starts with the Source

We’ve all been tempted to grab a random Docker image because it “has all the tools.” The problem is, you don’t really know what’s in there — or who built it, or whether it’s been updated since 2018.

That’s a non-starter for us. We wanted to create something you can actually trust: built, tested, and maintained by our team. It’s versioned, documented, and aligned with what our software is supposed to do. And if something goes wrong, we’re here to help — not some anonymous GitHub user.

A Purpose-Built Docker, Not a Kitchen Sink

A lot of Docker images try to be everything at once. They include tools for scanning, penetration testing, packet sniffing — the works. That might sound useful, but it also raises red flags for security teams. Those kinds of Docker containers often need root access or full access to the host network, and that’s where things get dicey.

Our Docker container is designed just for network discovery and assessment. It doesn’t try to be a toolbox for everything. It does what it needs to do — and that’s it. No extra baggage, no unnecessary permissions.

No Scary Docker Flags

If you’ve worked with community images, you’ve probably seen setup instructions that include –privileged, –net=host, or mounting sensitive host directories. That’s… not great. Those flags might be necessary for general tools, but they open up your system in ways most IT teams won’t be comfortable with.

We built ours to avoid all that. It runs in user mode, uses standard network protocols (like SNMP and SSH), and doesn’t need special permissions. You can run it with confidence without worrying about compromising the rest of the network environment.

Docker Deployment Shouldn’t Be a Guessing Game

One of the things we hear often is that teams just want something that works — and doesn’t make them hunt through forums to figure out which ports to open or how to limit access.

That’s why we’ve documented the important stuff: how to deploy in different environments, what ports are used, how to set IPs or VLANs, and how to keep access tightly scoped. We’ve tested it in real-world setups, so you’re not flying blind.

Enterprise-Friendly from the Start

We know that many of you are working in environments with strict security policies, internal audits, and IT checklists. We built our container with that in mind.

It passes internal scans, has a clear license and audit trail, and aligns with common enterprise security policies. You don’t have to explain why you’re running something sketchy — because it isn’t.

The Bottom Line

Docker is great — when used wisely. We know how risky it can be to rely on random containers for serious work, which is why we took the time to build one that’s focused, secure, and supportable.

And the real value kicks in once you’ve run your assessment. When you bring that data into Netformx AssetXpert, you’re not just looking at raw device lists — you’re enriching it with multivendor End-of-Life details, Cisco SmartNet contract status, and other critical insights that help you take action, not just inventory.

If you’re already using Docker, we think you’ll appreciate how much easier and safer this makes things. And if you’re new to containers, this is a good place to start — without the usual headaches.

Need help getting set up? Reach out me at mike.johnson@netformx.com or support@netformx.com — we’re happy to walk through it with you.

Is Docker Safe?