Skip to main content

Firewall Audit and Quarantine Capability

The Repository Firewall configuration may be managed by setting the Firewall: Audit and Quarantine capability for each proxy repository that will need to be protected.

Alternatively, we recommend using the Repository Firewall Guided Setup to configure all repositories at once or through the Repository Manager pages under the Orgs and Policy menu.

This capability was previously named IQ: Audit and Quarantine before the Nexus Repository 3.54.1 release.

Adding the Audit and Quarantine Capability

  1. Log in to Nexus Repository Pro 3 with Administrator credentials

  2. Select the Administration cog from the main toolbar

  3. Select Capabilities under System on the side menu

  4. Select Create Capability

  5. Select Firewall: Audit and Quarantine

  6. From the dropdown, select the repository to configure with the Repository Firewall

  7. Select the Enable Quarantine for Repository checkbox

  8. Select Create Capability

Audit and Quarantine capability creation menu

The audit on the selected repository will automatically start. Nexus Repository connects to the IQ Server and evaluates the components within the selected repository against any associated policy.

The Quarantine option is required to protect your repository from critical threats. By default, only malicious components are quarantined; these should never be allowed in your repository. You have control over the Repository Firewall's enforcement using actions on your IQ Server policies.

See Managing the Quarantine

Disabling the Audit and Quarantine Capability

Disabling quarantine will release all quarantined components to your proxy repository. Previously quarantined components are not quarantined again. Only new components are evaluated for quarantine when quarantine is re-enabled.

To disable Audit and Quarantine:

  1. In Nexus Repository, navigate to the Administration menu and select Capabilities under System.

  2. Select the Firewall: Audit and Quarantine capability for the target repository

  3. To disable Audit -> select Disable. Quarantine is disabled as well

  4. To disable Quarantine -> deselect the Enable Quarantine for Repository checkbox

  5. Select Save