Sonatype Repository Firewall (Firewall) is your first line of defense when managing open source components in your Software Development Lifecycle (SDLC).
- Prevents malicious components from entering your software supply chain
- Evaluates every new component against a set of custom governance policies
- Automatically quarantines components for review before they are available in your artifact repository
Firewall is powered by Sonatype IQ Server. See Licensing and Features to learn more about our products and solutions.
If you're new to Repository Firewall, we recommend checking out our Getting Started page.
To see the latest changes and updates to the IQ Server, see the Release Notes.
To download the latest version, see Download and Compatibility.
Comparing Firewall features
|Features||Classic (C) Firewall||Next-Gen Firewall (NG) Sonatype Nexus Repository||Next-Gen Firewall (NG)|
|Policy Driven Quarantine for Proxy Repositories|
|Namespace Confusion Protection|
|Protection from Pending & Suspicious Components*|
Available for npm, Maven, & PyPI
|Automatic Quarantine Release|
|Policy Compliant Component Selection**|
Available for npm
|Minimum IQ Server Version||-||144||144|