Repository Firewall Getting Started

Repository Firewall is a set of features, powered by IQ Server, that integrate with Nexus Repository directly or with JFrog Artifactory through a plugin.

Configure the Repository Firewall with the following steps:

  1. Install the IQ Server (not required with cloud tenant)

  2. Connect your artifact repository to the IQ Server instance

  3. Select your repositories to be protected by Repository Firewall

  4. Configure your policies to quarantine components and protect against new risk

Install the IQ Server

Follow these instructions to install the IQ Server and add the Repository Firewall license.

You may wish to review the default Firewall policies before connecting to the repository manager. Sonatype's reference policy set is recommended for new customers; however, adjusting the policies before the initial audit may save you from having to re-run the report later.

Connect to an Artifact Repository

Your Repository Firewall license supports either Nexus Repository Pro or JFrog Artifactory.

  • Nexus Repository Pro

    The Firewall features are enabled in Nexus Repository Pro when you install your license.

    See Nexus Repository 3 Pro Setup

  • JFrog Artifactory

    For JFrog Artifactory you are required to install and manage the Repository Firewall for Artifactory plugin to enable the functionality. Note that Artifactory SaaS is not supported.

    See JFrog Artifactory Setup

Use the Guided Setup

We recommend using the Repository Firewall Guided Setup for the fastest deployment.

Manual installation requires each repository to be configured one at a time. The guided setup simplifies this by allowing you to select every repository to be onboarded from one view.

Review the Repository Audit

Once enabled, the Repository Firewall begins to audit repositories for open-source threats and generate a report of the current risk.

Components currently in your artifact repository are not quarantined; there is no disruption to your existing builds and deployments.

Learn more about the Repository Results view.