Quarantined Component View
NEW IN RELEASE 136
Next-Gen Firewall allows users to view a temporary report for quarantined components. This report provides detailed information about the quarantined component and offers potential remediation solutions.
The report is available for 12 hours after the component is requested.
We recommend you disable anonymous access if your IQ Server is accessible to users outside your organization.
See Disabling Anonymous Access at the bottom of this page. Consult with your legal and security teams to determine if you should disable this feature for your organization.
Accessing a Report
Nexus Firewall creates the Quarantined Component Report when a user requests a quarantined component. This link will be available through their CLI.
Reviewing the Quarantined Component Report
The quarantined component report provides detailed information about the requested component including its policy violations and remediation strategies. It includes the following sections:
Overview - This section indicates that the requested component has been quarantined.
Component Overview - The title of the section is the component name. The rest of the section provide information on the components current status, including the First Quarantined Date and Other Versions In the Repository
Risk Remediation - This tab provides information to remediate the violations causing quarantine. The Recommended Versions section suggests versions without the failing policy violations. Versions with no build violations and versions without build violations for direct dependencies are both suggested as possible alternatives. This section also includes a Version Explorer which allows you to compare versions visually.
Policy Violations Causing Quarantine - This section lists the failing violations. When upgrading a component is not available you will need to receive a waiver for all policies listed to use the component.
Other Versions - This section lists other versions already present in your repository. These versions are not quarantined and can be downloaded without issue. Substituting the requested version with a version listed in this section is a potential alternative to a waiver request.
Disabling Anonymous Access
Anonymous Access to the Quarantined Component View can be disabled using the Firewall REST API.