
Getting Started with Repository Firewall

Repository Firewall is a set of features, powered by IQ Server, that integrate with your Nexus Repository Pro or, through a plugin, with JFrog Artifactory.

Configuring Repository Firewall involves the following steps:

  1. Install IQ Server or your Firewall Cloud tenant (not needed for Lifecycle customers)

  2. Connect your artifact repository to the IQ Server instance

  3. Select your repositories to be protected by Repository Firewall

  4. Configure your governance policies to quarantine and protect you from new risk

Installing IQ Server

Follow these instructions for installing IQ Server.

Your Sonatype Repository Firewall license will need to be added to your installation of IQ Server for either the self-hosted or the Cloud (SaaS) configurations.

At this point, you may wish to review the default Firewall policies. Sonatype's reference policy set is recommended for most new customers; however, adjusting the policies before the initial audit will save some time later.

Connecting your artifact repository

Your Repository Firewall license supports either Nexus Repository Pro or JFrog Artifactory.

Nexus Repository Pro

The Firewall features are enabled in Nexus Repository Pro when you install your license.

See Nexus Repository 3 Pro Setup

JFrog Artifactory

For JFrog Artifactory you are required to install and manage the Repository Firewall for Artifactory plugin to enable the functionality.

See JFrog Artifactory Setup

Using the guided setup

We recommend using the Repository Firewall Guided Setup for the fastest deployment.

Manual installation requires each repository to be configured one at a time. The guided setup simplifies this by allowing you to select every repository to be onboarded from one view.

To manually configure Nexus Repository, review the Firewall Audit and Quarantine Capability.

Review the repository audit

Once the Repository Firewall is enabled, it will begin to audit your configured repositories for open-source threats and generate a report for you to review your current risk.

Learn more about Repository Audit: View Repository Results

Important

Components currently in your artifact repository are not affected; there will be no disruption to your existing builds and deployments.