IQ Firewall - When waivers expire, vulnerable packages do not revert to a quarantined status

When granted waivers in IQ Firewall expire, vulnerable packages do not revert to a quarantined status. Is there a way to use a Firewall API to set the quarantined attribute back to "true" once the waiver expires, or is the only option to remove the package from the Nexus repo and have it scanned again by the Firewall proxy? I haven't seen any Firewall API calls that can do this, and I believe this feature might be limited to Lifecycle. Any insight appreciated, thank you!

Hi Aaron, this sounds like an impossible achievement to me due to the nature of the waiver. As you apply the waiver, you grant your users access to an artifact. Revoking that granted access would mean that their builds that depend on the artifact would stop working, which is a high-impact event. Your own remark about removing the artifacts from Nexus sounds to me like the proper way to do this: you force Firewall to re-evaluate new download attempts, and your policies will quarantine the artifact as if it were the first time ever seeing it.

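The eviction step the reply recommends, written out as an added example (this is not Sonatype's code and not from the original thread): a small Python client that searches a Nexus Repository 3 proxy repository for a component and deletes every matching copy, so the next download request has to go back through the Firewall proxy and is evaluated against current policy. It assumes the Nexus Repository REST endpoints `GET /service/rest/v1/search` (filtered by repository, group, name, version, paged with `continuationToken`) and `DELETE /service/rest/v1/components/{id}`; the host name, credentials, repository name and component coordinates are placeholders, and the in-memory fake server is constructed here so the script runs offline. Nothing in it touches the waiver itself or any IQ Server quarantine flag, which is the point of the reply: the only lever available is the cached copy.

```python
"""Evict a component from a Nexus Repository 3 proxy so IQ Firewall re-evaluates it.

Added example, not Sonatype code. Assumed endpoints (adjust for your instance):
  GET    /service/rest/v1/search?repository=..&group=..&name=..&version=..
  DELETE /service/rest/v1/components/{id}
"""
import base64
import json
import urllib.error
import urllib.parse
import urllib.request


class NexusClient:
    """Minimal REST client. `opener` defaults to urllib; tests inject a fake server."""

    def __init__(self, base_url, user, password, opener=urllib.request.urlopen):
        self.base_url = base_url.rstrip("/")
        token = base64.b64encode(f"{user}:{password}".encode()).decode()
        self.headers = {"Authorization": f"Basic {token}", "Accept": "application/json"}
        self.opener = opener

    def _call(self, method, path, params=None):
        url = self.base_url + path + ("?" + urllib.parse.urlencode(params) if params else "")
        req = urllib.request.Request(url, method=method, headers=self.headers)
        try:
            with self.opener(req) as resp:
                return resp.status, resp.read()
        except urllib.error.HTTPError as err:  # 4xx/5xx: report the code, do not raise
            return err.code, err.read()

    def find_components(self, repository, group=None, name=None, version=None):
        """Return every search hit, following continuationToken until the result is exhausted."""
        base = {k: v for k, v in {"repository": repository, "group": group,
                                  "name": name, "version": version}.items() if v is not None}
        found, token = [], None
        while True:
            params = dict(base, **({"continuationToken": token} if token else {}))
            status, body = self._call("GET", "/service/rest/v1/search", params)
            if status != 200:
                raise RuntimeError(f"search failed: HTTP {status}")
            page = json.loads(body)
            found.extend(page.get("items", []))
            token = page.get("continuationToken")
            if not token:
                return found

    def delete_component(self, component_id):
        status, _ = self._call("DELETE", f"/service/rest/v1/components/{component_id}")
        return status == 204  # Nexus answers 204 No Content on a successful delete


def purge(client, repository, group=None, name=None, version=None):
    """Delete each component matching the given coordinates; return the ids removed.

    version=None removes every cached version of the component, so pass it deliberately.
    """
    wanted = {k: v for k, v in (("group", group), ("name", name), ("version", version)) if v is not None}
    removed = []
    for item in client.find_components(repository, group, name, version):
        # Re-check coordinates locally before deleting: the search is a filter, not an exact lookup.
        if all(item.get(k) == v for k, v in wanted.items()) and client.delete_component(item["id"]):
            removed.append(item["id"])
    return removed


# ---- constructed fake Nexus server so the example runs offline --------------------------
class _FakeResponse:
    def __init__(self, status, payload=b""):
        self.status, self._payload = status, payload
    def read(self):
        return self._payload
    def __enter__(self):
        return self
    def __exit__(self, *exc):
        return False


def make_fake_opener(components):
    """Serve search pages of one item (to exercise continuationToken) and honour deletes."""
    store = dict(components)  # id -> coordinates; mutated as components are deleted

    def opener(req):
        url = urllib.parse.urlparse(req.full_url)
        query = dict(urllib.parse.parse_qsl(url.query))
        if req.get_method() == "GET" and url.path == "/service/rest/v1/search":
            hits = [dict(id=cid, **coords) for cid, coords in store.items()
                    if all(coords.get(k) == v for k, v in query.items() if k in ("group", "name", "version"))]
            start = int(query.get("continuationToken", 0))
            page = {"items": hits[start:start + 1],
                    "continuationToken": str(start + 1) if start + 1 < len(hits) else None}
            return _FakeResponse(200, json.dumps(page).encode())
        if req.get_method() == "DELETE" and url.path.startswith("/service/rest/v1/components/"):
            return _FakeResponse(204 if store.pop(url.path.rsplit("/", 1)[1], None) else 404)
        return _FakeResponse(404)
    return opener


# Constructed sample contents of a proxy repository; coordinates are placeholders.
DEMO_COMPONENTS = {
    "c1": {"group": "com.example", "name": "widget", "version": "1.2.3"},
    "c2": {"group": "com.example", "name": "widget", "version": "1.2.4"},
    "c3": {"group": "com.example", "name": "gadget", "version": "0.9.0"},
}


def demo_client():
    """Client wired to a fresh fake server holding DEMO_COMPONENTS."""
    return NexusClient("https://nexus.example.internal", "evict-bot", "placeholder-password",
                       opener=make_fake_opener(DEMO_COMPONENTS))


if __name__ == "__main__":
    client = demo_client()
    print("removed:", purge(client, "maven-central", "com.example", "widget", "1.2.3"))
    print("remaining widget versions:", [c["version"] for c in client.find_components("maven-central", "com.example", "widget")])
```

Run it with an account that holds only the delete privilege on the one proxy repository, and treat the delete as the outage-causing event the reply describes: any build that resolves the artifact will fail until the next download is either quarantined (if policy still flags it) or re-admitted. The second search in the script shows what remains after an exact-version purge; the `version=None` form exists for the case where every cached version of a package should be re-evaluated, and is deliberate because it is the more destructive one.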