Skip to main content

Firewall Audit and Quarantine Capability

The Repository Firewall configuration may be managed by setting the Firewall: Audit and Quarantine capability for each proxy repository that will need to be protected.

Adding the Audit and Quarantine Capability

  1. Log in to Nexus Repository Pro 3 with Administrator credentials

  2. Select Settings from the menu

  3. Select Capabilities under System on the side menu

  4. Select Create Capability

  5. Select Firewall: Audit and Quarantine

  6. From the dropdown, select the repository to configure with the Repository Firewall

  7. Select the Enable Quarantine for Repository checkbox

  8. Select Create Capability

Audit and Quarantine capability creation menu

The audit on the selected repository will automatically start. Nexus Repository connects to the IQ Server and evaluates the components within the selected repository against any associated policy.

The Quarantine option is required to protect your repository from critical threats. By default, only malicious components are quarantined; these should never be allowed in your repository. You have control over the Repository Firewall's enforcement using actions on your IQ Server policies.

See Managing the Quarantine

Disabling the Audit and Quarantine Capability

Disabling quarantine will release all quarantined components to your proxy repository. Previously quarantined components are not quarantined again. Only new components are evaluated for quarantine when quarantine is re-enabled.

To disable Audit and Quarantine:

  1. In Nexus Repository, navigate to the Settings menu and select Capabilities under System.

  2. Select the Firewall: Audit and Quarantine capability for the target repository

  3. To disable Audit -> select Disable. Quarantine is disabled as well

  4. To disable Quarantine -> deselect the Enable Quarantine for Repository checkbox

  5. Select Save