Sonatype Repository Firewall (Firewall) is your first line of defense against dangerous open source components. It provides tools to keep risky components from entering your software supply chain, allowing you to proactively manage your risk while accelerating development by reducing rework. 

Firewall is powered by Sonatype IQ Server, which also powers Sonatype Lifecycle and Auditor. See Licensing and Features to learn more about our products and solutions.

Firewall is a solution that prevents bad components from entering your software supply chain. When new components are downloaded, Firewall evaluates every new component against a set of policies. Any component that violates one of these policies is then blocked from your repository.

Where do I Start?

If you're a new Firewall user, check out our Getting Started page.

What's New?

To see the latest changes and updates to the IQ Server, see the Release Notes.

Our documentation is written to match the latest available release of Firewall (powered by IQ Server) and any associated Sonatype Platform solutions and integrations.

To download the latest version, see Download and Compatibility.

The Sonatype Repository Firewall Product Line

Sonatype Repository Firewall offerings include:

  1. Classic Firewall (refered to as Classic Firewall)
  2. Next-Gen Firewall (referred to as Next-Gen Firewall)
    • With Sonatype Nexus Repository
    • With JFrog Artifactory 

On user licenses and related documentation:

  • Sonatype Repository Firewall (C)  refers to Classic Firewall
  • Sonatype Repository Firewall (NG) refers to Next-Gen Firewall

Compare Sonatype Repository Firewall Products

FeaturesClassic FirewallNext-Gen Firewall with Sonatype Nexus RepositoryNext-Gen Firewall with JFrog Artifactory
Policy Driven Quarantine for Proxy Repositories


Namespace Confusion Protection




Protection from Pending & Suspicious Components*
Automatic Quarantine Release
Policy Compliant Component Selection**


Minimum IQ Server Version-144144

* Currently only available for npm, Maven, & PyPI

** Currently only available for npm

Need Help?

As always, if you need any further assistance, please consult or contact support at