Compare Nexus Solutions

Nexus software supply chain automation

Sonatype’s Nexus platform helps organizations build better software, even faster. Assembling software from existing open source and proprietary components enables teams to deliver great features faster and more cost effectively. However, the management of components is complex, time-consuming, and can leave organizations vulnerable to security and licensing risks. Nexus products offer increased speed, efficiency and quality through better component automation. Compare features below, or learn more about the portfolio.

Nexus Firewall Nexus Lifecycle Nexus Auditor
Block undesirable components upfront Software supply chain automation across SDLC Open source security and license risk audit
A Universal Repository for Multiple Component Formats & Types
Maven/Java, npm, NuGet
Integration Points for the Sonatype IQ Server
Repository integration provides the ability to audit and control the quality of components entering or leaving your repository. Improve quality at the earliest possible point.
Provide your team with component quality, security and license intelligence in IDE tools such as Eclipse and CI tools such as Hudson, Jenkins and Bamboo, etc. Enhance component visibility and policy enforcement throughout your life cycle
Release integration provides a way to ensure your applications are free of any undesirable components before they enter production. Easily define and enforce warn/fail policies.
SonarQube integration provides application, component, and policy violation data directly inside the SonarQube interface. Conveniently access component summary and detailed information.
Use Command Line integration for on-demand evaluation of applications from the command line. See if applications meet your policies and be alerted of potential security or license risk.
Customer API integrations for unlimited customization and integration of component intelligence and policy compliance.
IQ Server (IQ Data Services & Policy Management)
Intelligent matching algorithms accurately identify outdated open source, 3rd party or proprietary components with known security vulnerabilities or restrictive licenses. Avoid false negatives or positives that delay your processes.
Leverage the proprietary Sonatype IQ data feed for constantly updated component intelligence curated from a wide variety of sources. Even be alerted of vulnerabilities that are not publically announced.
Define, manage, and automate rules and policies to be enforced at various stages across the software development life cycle.
Continuously monitor for newly discovered vulnerabilities.
Quickly inventory components & dependencies - including known security, license or quality issues - in your repository or in various life cycle stages.
Easily share component usage reports & dashboards among teams based on interest, e.g. avoiding unplanned work or break-fixes, priortizing remediation efforts, reducing security or license risk, etc.
Instantly create a software bill of materials inventory for applications in development or in production depending on your integration point.

Compare repository management solutions

Sonatype is the world leader in repository management, with more than 60,000 installs of Nexus worldwide. Repository managers have become essential infrastructure for component-based software development and continuous delivery. Compare features below, or or learn more about why Nexus is preferred 6:1 compared to any other repository manager.

Nexus Repository OSS
Nexus Repository
Component Management
Store Binary Components Easily store your own components in local Nexus repositories you host. Learn more
Cache Components from Other Repositories Set up caching proxies of remote repositories to significantly optimize build performance and reliability. Learn more
Group Repositories Expose ordered collections of repositories as a single virtual location for simplified tool configuration. Learn more
Component Distribution
Expose Repositories for Proxy Access Proxy your own Nexus repository instances of each other to distribute load and optimize performance for all users or work together with partner organizations by proxying their Nexus instance. Learn more
Publish/Subscribe Notification for Deployments Smart Proxy enables immediate deployment notification to downstream Nexus servers allowing you to scale to many Nexus instances right efficiently. Get the components to where they are needed as fast as possible. Learn more
Universal Repository for Multiple Component Formats & Types
Maven 1 If you still rely on Maven 1 repositories, Nexus can expose them in Maven 2 format to help with your migration efforts. Learn more
Maven 2/3 The Maven 2 repository format is supported by tools such as Apache Maven, Apache Ant, Apache Ivy, Eclipse Aether, Gradle, SBT, Leiningen and others. Learn more
NuGet .Net developers can take advantage of the NuGet package manager and the integration in VisualStudio to manage their own and third-party packages. Learn more
NPM Node.js developers, Grunt users and others can use Nexus repositories to proxy and others as well as easily host their own packages. Learn more
RubyGems Ruby, Rails, JRuby, Torquebox users and others using gem or Bundler can enjoy the benefits of proxying and hosting gem repositories. Learn more
Docker Free private registry for Docker images. Built-in governance. Integrates with your DevOps toolchain.
Sites Host static websites produced by Apache Maven or other tools and expose them to your teams using the same Nexus instance used for the binary components. Learn more
YUM/RPM Establish a deployment pipeline from your Maven build to your Linux servers using RPM packages and YUM repositories. Learn more
Eclipse P2 Provide P2 repositories to your Eclipse IDE users or distribute your Eclipse RCP application by proxying and hosting P2 repositories. Learn more
OSGi Bundle Repository OBR Use Nexus to proxy and host OSGi bundle repositories. Learn more
Component search with Software supply chain intelligence & reporting
Search Components Available in Remote Repositories A valuable tool for discovering the latest versions and what is available remotely. Learn more
Keyword Search Search in component identifiers by keyword. Learn more
Classname Search You know a classname from a code snippet - find the component containing the class easily right in Nexus. Learn more
Checksum Search Identify an unknown component with a simple SHA1 sum generation and find it in seconds in Nexus. Learn more
Repository Health Check Overview Results Find out about known security vulnerabilities and license issues of all your components in your repositories. Learn more
Repository Health Check - List of Known Security Vulnerabilities Pin-point the exact components in your repositories and their known security vulnerabilities. Learn more
Repository Health Check - List of License Concerns Find out the details about license concerns for the exact components found in your repositories. Learn more
Component-specific search: Determine if any component is outdated See how long ago the components you examine in Nexus have been released to the Central Repository. Learn more
Component-specific search: Determine the popularity of any specific component Understand the relative popularity of different versions of components. Learn more
Component-specific search: Determine if any component has a known security vulnerability No longer worry about monitoring security mailing lists, security databases and releases notes and take advantage of all the analysis done by Sonatype security professionals. Learn more
Component-specific search: Determine if any component has a restrictive license Know the license as declared by the project publishers as well as those of all dependencies that may be taken into account in the project-level declaration. Learn more
Archive Browser Inspect the contents of your components directly in the Nexus user interface. Learn more
Dependency Tree Inspection Display all the transitive dependencies of your component without the necessity to use any external tools. Learn more
Custom Component Metadata Add any key-value pair annotations to components and find them via search. Learn more
Technical Support + Licensing
Unlimited Server Deployments Scale your organization and deployment onto as many servers and datacenters as you like without worrying about licensing! Learn more
Stackoverflow We actively monitor and respond to questions on this popular Q&A site Learn more
Mailing list Exchange experiences with other users and be notified of releases and more. Learn more
Live chat (Online chat) Chat with the developers and support staff in realtime. Learn more
Comprehensive Documentation The free book Repository Management with Nexus is available online and constantly updated. Learn more
Knowledge Base and Support Portal Access in-depth information from our support team at your fingertips. Learn more
Training Public and private classes making you a Nexus repository champion. Learn more
TheNexus Community Blog posts, videos and everything that goes on in the community around Nexus. Learn more
Standard and 24/7 Support Options Standard support 8 AM-8 PM EST. 24/7 support available. Learn more
Security, Authentication and Access Control
User Specific UI Access Grant different users access only to user interface features they should use. Learn more
User Specific Component Access Grant different users access only to specific components with create, read, update and delete restrictions. Learn more
Internal Authentication and Access Control Built-in security system controlling authentication and authorization ready to go. Learn more
LDAP Connect to Active Directory and other LDAP systems. Learn more
SSO with RUTAuth Integrate Nexus with your browser based Remote User Token SSO setup. Learn more
Enterprise LDAP Support for caching, multiple LDAP servers, templates, failover and more. Learn more
Atlassian Crowd Hook up Nexus repository software to the same security backend as Confluence, Bamboo and JIRA. Learn more
SSL Certificate Management Conveniently manage the SSL certificates for remote Nexus repositories, LDAP and SMTP servers. Learn more
Secure Nexus Access with User Token Avoid clear text storage of username and passwords on developer machines and CI servers. Learn more
Component Release Process
Standard Deployment Process Deploy directly to the desired Nexus repository with your choice of build or deployment tool or via straight HTTP. Learn more
Managed Release Process with Staging Including dedicated security setup, automated rule validation, notifications and ability to re-run release. Learn more
Custom Build Tools Support for Staging Including support for Maven, Ant, Gradle and others. Learn more
Nexus Integrations with Other Tools
Extend Nexus with REST API integrations Integrate Nexus with any tool that can work with plain HTTP or REST API's with the documentation available as part of your Nexus install. Many open source integrations with common tools are already available. Learn more
Develop Custom Nexus Plugins Add support for a new repository format, a new scheduled task, a new staging rule or any other extensions of Nexus you can think of. Learn more
Usage of Existing Open Source Extensions A large number of integrations and extensions such as Docker images, Chef and Puppet support, command line interface and many more are available from the open source community. Learn more