Sonatype Platform at scale
September 30, 2024

Sonatype Platform at scale

Navneet Mittal | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Modules Used

  • Nexus Repository Pro
  • Nexus Lifecycle
  • Nexus Firewall

Overall Satisfaction with Sonatype Platform

We at HTI use Sonatype products extensively. Specially Nexus repository manager, IQ & Firewall. We have a massive scale of our users almost 40k who are using our platform (Artefcats Management). We have many complex use cases, one of them being hosting docker on Nexus. We have millions of public, private & hosted images on our platform & lot of tier0 services depend on us for their build & deployments. Any outage or slowness on docker nexus instance impacts them heavily & its huge impact on our reputation as well as business. Sonatype team is regularly helping us tune our Nexus repository manager in such a way that our service is not only highly available but optimized enough to ensure our business continues as usual. Nexus repository manager as a tool has come long way & Sonatype team ensures we as a customer get the required features & service.

Pros

  • Improved repo manager
  • High Availability
  • Great Support
  • Continuously improving Lifecycle

Cons

  • Reporting in repository manager
  • Easy remediation process in IQ
  • Optimize resource utilization for Nexus & IQ
  • Our usage has grown from 3k users in 2011 to 40k today
  • We use almost all features on nexus very extensively like logging, tasks, clean up, etc.
I have seen HSBC is able to support most of the use cases across technologies.

Do you think Sonatype Platform delivers good value for the price?

Yes

Are you happy with Sonatype Platform's feature set?

Yes

Did Sonatype Platform live up to sales and marketing promises?

Yes

Did implementation of Sonatype Platform go as expected?

Yes

Would you buy Sonatype Platform again?

Yes

With our experience, Nexus Repo Manager can support large volumes & complex use cases across technologies. I see a bit of a challenge when it comes to very large volumes of docker though but the Sonatype team does everything to support our use cases.

Using Sonatype Platform

40000 - Almost every function within a bank like retail, core, commercial, technology, etc.
10 - Product knowledge, linux, python, basic scripting, analytical skills, Jenkins, JIRA, etc.
  • Builds & Deployments
  • Artifacts binaries scanning
  • Detect malicious packages
  • Load sharding by splitting nexus instances technology wise
  • Multiple IQ instances by business lines
  • Plan better to make our services lightweight
  • Use hybrid models on prem + cloud
Ease of the use of the platform.

Evaluating Sonatype Platform and Competitors

  • Scalability
  • Integration with Other Systems
  • Ease of Use
We need to have our users use our platform seamlessly while scale is important to our business.
No change.

Sonatype Platform Implementation

Sonatype Platform Training

Configuring Sonatype Platform

Easy to configure.
As per Sonatype documentation
No - there is no facility to customize the interface
Some - we have added small pieces of custom code - Like Archival, or many scripts to perform various different tasks, especially around maintenance.

Sonatype Platform Support

We get all the required support whenever we need it. Really awesome team to work with.
ProsCons
Quick Resolution
Good followup
Knowledgeable team
Kept well informed
Immediate help available
Support understands my problem
Support cares about my success
Quick Initial Response
None
Yes, we have premium support because of the scale we have. With many users & multiple complex use cases. It is important to use 24*7 active support, keeping our success criteria in mind.
Yes - Yes, very well in timely manner.
Almost every time. It is difficult to think about one lone case here but recent experience regarding an issue with one of our docker instances. We got whatever help we needed from Sonatype team.

Using Sonatype Platform

ProsCons
Like to use
Relatively simple
Easy to use
Technical support not required
Well integrated
Consistent
Convenient
Feel confident using
None
  • Onboarding
  • Uploads/ downloads
  • Scans
  • Reporting & logs analysis
  • Insights

Sonatype Platform Reliability

Everything is very good except a little concern regarding large scale docker usage.
Extremely good
Sonatype products are great value as I said but a few areas like how products use underlying resources in order to make it further lightweight, is something I would like them to consider.

Integrating Sonatype Platform

We could easily integrate it with other products.
Easy
  • Cyberflows
  • Grafana
  • File import/export
  • API (e.g. SOAP or REST)
No
Just explore the APIs, you will be able to do most of the things.

Relationship with Sonatype

Sonatype team is easily approachable & very prompt to respond to any outstanding queries, provide information.
Very easy as I mentioned in my previous comments.
Very good
Cost, support
Great value for money
All is good so far

Upgrading Sonatype Platform

Yes - Tes, offlate no impacts
  • Rolling updates with latest version, ensuring no downtime
  • High availability to make our service resilient
  • More insights, reporting
  • Resource optimizations

Comments

More Reviews of Sonatype Platform

  1. Home
  2. Software Composition Analysis (SCA) Tools
  3. Sonatype Platform Reviews
  4. User Review of Sonatype Platform