IQ Server Setup

Sonatype Repository Firewall is powered by Sonatype's IQ Server. This page walks through the necessary configuration options to quarantine components. 


  • IQ Server 
    • The repository must be connected to IQ Server
    • A Sonatype license for Repository Firewall installed in the IQ Server
  • IQ Server role permissions
    • Ability to view and edit elements at the root organization. The built-in roles of 'Policy Administrator' and 'Owner' have these permissions
      For more information on assigning roles and permissions, see Role Management
      To learn more about the root organization, see Root Organization

Configure Policy for Proxy Stage

Components that violate a policy set to Fail at the proxy stage in the Root Organization or Repositories will be quarantined and not made available for download. 

Firewall blocks components from entering proxy repositories based on policies set at the Root Organization and Repositories in the IQ Server.

When configuring policy at Root Organization, the firewall only quarantines components if the field This Policy Inherits is set to All Applications and Repositories

  1. Navigate to your IQ Server Dashboard
  2. Select Orgs and Policies 
  3. Select a policy to govern Firewall's quarantine behavior
  4. Click the Fail radio button in the Proxy column under the Actions section.

  • Change the proxy action to Warn or No Action to stop Firewall from quarantining components based on that policy
  • To learn how to configure a policy at Repositories level, see Configuring Policies
  • To learn how to create a policy, see Policy Management

Feature-Specific Configuration Options

  • Quarantine Auto-Release 
  • Policy Compliant Component Selection
  • Prevent Namespace Confusion
  • The Firewall tab in IQ Server