Firewall

Sonatype Repository Firewall (Firewall) is your first line of defense when managing open source components in your Software Development Lifecycle (SDLC).

  • Prevents malicious components from entering your software supply chain
  • Evaluates every new component against a set of custom governance policies
  • Automatically quarantines components for review before they are available in your artifact repository


Firewall is powered by Sonatype IQ Server. See Licensing and Features to learn more about our products and solutions.

Getting Started

If you're a new Repository Firewall user, we recommend checking out our Getting Started page.

What's New

To see the latest changes and updates to the IQ Server, see the Release Notes.

To download the latest version, see Download and Compatibility.

Comparing Firewall features

Features | Classic (C) Firewall | Next-Gen Firewall (NG): Sonatype Nexus Repository | Next-Gen Firewall (NG): JFrog Artifactory
Policy Driven Quarantine for Proxy Repositories | (tick) | (tick) | (tick)
Namespace Confusion Protection | (tick) | (tick) | (tick)

Protection from Pending & Suspicious Components*
Available for npm, Maven, & PyPI

(tick)(tick)
Automatic Quarantine Release
(tick)(tick)
Policy Compliant Component Selection**
Available for npm

(tick)

(tick)

Minimum IQ Server Version | - | 144 | 144