Logo Sonatype CLM Sonatype CLM Server - Policy Management Guide
Documentation Index
Sonatype CLM Downloads
Document Descriptions
Release Notes

Sonatype CLM Server
Installation and Deployment Guide
Security Administration Guide
Policy Management Guide
Report User Guide

CI User Guide

IDE User Guide

Repository Manager User Guide

Nine Steps For Open Source Governance
Optimized Component Lifecycle Management with Sonatype CLM

Sonatype CLM Server - Policy Management Guide

Chapter 1. Introduction

Sonatype CLM is a powerful system for improving how your teams consume open source components. For the first time, you have the ability to take pen and paper rules, and turn them into enforceable policies for component usage within your enterprise. Better yet, all of this can be done simply and easily, with results that provide a detailed analysis of the health of your applications. And this happens not in days or months, but in most cases, just a few seconds.

While there are options for getting Sonatype CLM going right out of the box with our sample policies and policy elements, the road to designing and refining your own custom policies is where you want to be.

Before we get there though, we should first take a closer look, defining every part of the policies, dissecting it really, and explaining it in detail. Of course, we’ll also walk you through the stages of importing policies as well.

To get started, let’s see what you’ll find in this guide:

  • Introduction to Policy, Governance, and CLM
  • Organization and Application Management
  • Policy Development and Management
  • Policy Element Overview and Usage
  • Manual Application Scanning and Evaluation
  • Basic Reporting
  • Importing Policy

Remember, before you get started you need to make sure you have, at a minimum:

  • Installed Sonatype CLM Server (or Nexus Pro: Sonatype CLM Edition)
  • Installed your Sonatype CLM License