Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

4 Outcomes of an Advanced Repo Manager Strategy


Published on

Each individual component often relies on dozens to hundreds of other components. Even mid-sized organizations consume tens of thousands of components per month. Your developers waste time downloading a massive library of dependencies from the internet. With a repository your organization can reduce build times, improve collaboration, enhance control, and more.

To learn more about the benefits of a repository manager visit

Published in: Technology
  • Be the first to comment

4 Outcomes of an Advanced Repo Manager Strategy

  1. 1. The Component Lifecycle Management Company 4 Outcomes of an Advanced Repo Manager Strategy What a Repository Can Do for You Go Fast. Be Secure. The Webinar will start at 12 PM EDT Tweet your thoughts: #sonatype
  2. 2. The Component Lifecycle Management Company - 1,000 2,000 3,000 4,000 5,000 6,000 7,000 8,000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 RequestsinMillions 8 Billion Requests in 2012 Growth Drivers Mobile Cloud Web Apps Big Data The Component Revolution #sonatype
  3. 3. The Component Lifecycle Management Company 90%Assembled A Sea Change in Application Development Written Source: 2012 / 2013 Sonatype analysis of more than 1,000 enterprise applications #sonatype
  4. 4. The Component Lifecycle Management Company A Highly Complex Ecosystem Complexity Diversity Volume Change One component may rely on 00s of others 40,000 Projects 200MM Classes 400K Components Typical Enterprise Consumes 000s of Components Monthly Typical Component is Updated 4X per Year #sonatype
  5. 5. The Component Lifecycle Management Company The Need for Repository Management Why Use a Repository? Reduce Build Times by proxying cloud repositories and caching components locally. Improve Collaboration by providing a central location to store, manage, and share common components used across developers and teams. Enhance Control by providing a mechanism to observe, manage, and govern component usage. #sonatype
  6. 6. The Component Lifecycle Management Company Nexus Professional & Nexus Pro CLM Edition Go Beyond Basic Repository Management Deliver on time with smart proxy to ensure your repos are always available and your teams are in sync. Meet quality standards with automated control of release management staging and promotion. Make intelligent decisions by validating the health of the components in your repository. Protect your assets with access control and secure connectivity to the Central Repository. #sonatype Nexus Pro: the foundation for complete Component Lifecycle Management
  7. 7. The Component Lifecycle Management Company Exclusive Pro Features: Smart Proxy Reduce build times, improve availability and keep teams in sync with Nexus Smart Proxy. #sonatype
  8. 8. The Component Lifecycle Management Company Smart Proxy & Component Storage Options Speed Development Efforts Faster build times since all components & dependencies are available locally. Better reliability since you are not dependent on public internet and external network access. Constant availability eliminates unplanned downtime using Nexus HA configuration option. Free your source control system of components & their dependencies (they don’t need to be version controlled). Facilitate collaboration & sharing for internal and external teams. Simplify access to components using a single virtual location where developers access their components. #sonatype
  9. 9. The Component Lifecycle Management Company Exclusive Pro Features: Repository Health Check Repository Health Check lets you assess the security, licensing and popularity of your components. #sonatype
  10. 10. The Component Lifecycle Management Company Repository Health Check Allows you to Analyze Component Risk Avoid using tainted components that put your organization at risk – security & licensing risk. Quickly assess your security posture by viewing a breakdown of vulnerabilities based on severity and threat level. Quickly analyze your license risk by viewing the licenses by category and number of conflicting licenses. Easily perform detailed analysis by drilling into comprehensive license and security analysis. Repo analysis is good starting point for CLM which applies policy to staging and promotion and extends component management throughout the software lifecycle. #sonatype
  11. 11. The Component Lifecycle Management Company Exclusive Pro Features: Build Promotion and Staging Streamline workflow and control how components flow through development, QA, and production with Nexus Pro staging. #sonatype
  12. 12. The Component Lifecycle Management Company Nexus Pro CLM Edition: Use Policy to Manage Releases Define and enforce build promotion and staging rules based on component security, licensing, and popularity information. #sonatype • Policies can be defined based on security, licensing & quality metadata • Releases can be stopped, warnings created & notifications generated • Other enforcement points available as part of Sonatype CLM
  13. 13. The Component Lifecycle Management Company Staging & Promotion with Automated Policies Provides Better Release Management Easily manage releases by creating isolated candidates that can be promoted or discarded based on release tests. Manage release promotion for “dev to test to prod” & coordinate releases between multiple project teams (for example GUI, Data Services, & Business Logic teams). Improve collaboration between internal and external development teams through controlled sharing of releases. Automated policy provides control with minimal effort, ensuring that releases meet your security, licensing & architecture policies. #sonatype
  14. 14. The Component Lifecycle Management Company Exclusive Pro Features: Access Control & SSL Control access with LDAP and user tokens. Atlassian Crowd supports Single Sign-On efforts. Communications with the Central Repository are SSL encrypted to prevent man-in-the-middle attacks. #sonatype
  15. 15. The Component Lifecycle Management Company Nexus Security Ensures Trusted Access & Component Delivery Ease administrative burden & support authentication failover by using LDAP to support authentication. Strengthen authentication efforts with user tokens that eliminate the need to store plaintext passwords. Simplify access to Nexus by providing your users the ability to leverage Nexus using Single Sign-On. Protect your critical assets by partitioning repositories to permission individual sets of assets. Ensure the components you download are delivered securely by using SSL to support a tamper resistant connection to the Central Repository. #sonatype
  16. 16. The Component Lifecycle Management Company Foundation for Agile, Component-Based Development Nexus Pro: Repository Foundation for Complete Component Lifecycle Management Extend component management to your entire software development including your IDE, & build/CI/CD process. Ensure your production applications are trusted using the Sonatype CLM to monitor & identify newly discovered vulnerabilities. #sonatype
  17. 17. The Component Lifecycle Management Company Sonatype Product Family Nexus OSS Sonatype CLM Component Lifecycle Management • Centrally define governance policies • Enforce throughout the lifecycle • Integrate with existing developer tools • Build security in from the start • Continuous trust for production apps Sonatype Nexus Repository Management • Improve collaboration • Controlled release process Industry standard open source repository manager Nexus Pro Enterprise features, enterprise support Nexus Pro CLM Edition Component governance in the repo Sonatype CLM Nexus OSS Repository • Speed Builds #sonatype
  18. 18. The Component Lifecycle Management Company Questions
  19. 19. The Component Lifecycle Management Company Don’t Miss the Rest of the Nexus Series #sonatype Download a Free Trial – Updated Trial Guide and New Ant & Gradle Samples Join Nexus Live – An Insider’s Tech Talk with Product Experts Take a Training Course- Full Day Training to Maximize use of Nexus & Maven The Golden Repo is a Great First Step: October 15th at 12 EDT Yes, Policies Can Speed Development: November 6th at 12pm EDT Register Now -