Cloud Architect at a tech vendor with 10,001+ employees
Real User
Top 10
Apr 28, 2026
I advise others considering Sonatype Repository Firewall to ensure they have strong organization-wide policies that comply with security regulations. This product can handle large volumes of data and scale as needed, offering excellent scalability and security features. It is a good product, and I encourage others to use it for large-scale applications if they wish to implement it. I have rated this product 9 out of 10.
I would give the solution eight out of ten. I would look at the comparison of Sonatype to some other firewalls. There is room for improvement, especially mentioning container support and AI packages.
Senior Cyber Security Architect and Engineer at a computer software company with 10,001+ employees
Real User
Mar 18, 2021
You should have some knowledge of Linux before implementing it, because to set up the rsync and to make sure your data is being replicated and that it's HA, you need to know Linux. We took a look at the demo of Nexus Container and, although I haven't used it hands-on so I cannot say too much about it, it looks like a freaking awesome product. We are in the process of evaluating it and may do a PoC. It looks like it's easy to use, easy to integrate, and does not require a lot of RAM or storage. You can install it on existing Kubernetes clusters, so there's not a lot of infrastructure needed. Using it, I expect we'll find out if the images that we're downloading for the containers are secure or not. It's definitely worth taking a look at it. Default policies are never really a good idea, anywhere. You need to adjust them based on your environment's needs. When we deployed Sonatype, the policies were not automatically configured so that if a packet is malicious it would block it. You need to manually set those up. But their policy engine provided the flexibility that we need. It was really a quick, easy setup. The biggest lesson I've learned from using Sonatype is that open source security is very important and it's getting crazy these days, because there's so much hacking and so many breaches going on, so much vulnerability. Even Microsoft codes and some of the packages in PyPI are not secure. You trust a repository like Microsoft or PyPI, but there are still some vulnerabilities out there. That is why it was so important for Sonatype to be implemented in our environment.
Sonatype Repository Firewall ensures secure software supply chains by inspecting open-source components for vulnerabilities and other threats at the point of ingress.
Designed for real-time protection, Sonatype Repository Firewall not only identifies but also controls potentially malicious, vulnerable, or non-compliant components before they reach development teams and CI/CD pipelines. It offers automation for quarantine, blocking workflows, and integrates with repository managers like...
I would rate the solution an eight out of ten.