Teleport
How to Choose a Teleport Edition
Version preview- Older Versions
Teleport supports three editions. In this guide, we will help you determine which edition is most appropriate for your use case.
Editions
Teleport Enterprise Cloud
Our team at Teleport manages the Auth and Proxy Services, giving you a running Teleport cluster where you can configure RBAC, set up Single Sign-On connectors, and register resources by deploying additional Teleport services.
Read more about Teleport Enterprise Cloud.
Teleport Enterprise
A self-hosted Teleport deployment for security-conscious organizations. Supports advanced features like Hardware Security Modules and FedRAMP compliance.
Read more about Teleport Enterprise.
Teleport Community Edition
We provide a free, open source distribution of Teleport that enables you to get secure access to databases, Windows desktops, Kubernetes clusters, and more.
Try out Teleport on a Linux server. If you would like to take a look at the source, visit the Teleport GitHub repository.
Comparing editions
Access Controls
Community Edition | Enterprise | Cloud | |
---|---|---|---|
Dual Authorization | ✖ | ✔ | ✔ |
Hardware Key Support | ✖ | ✔ | ✔ |
Moderated Sessions | ✖ | ✔ | ✔ |
Role-Based Access Control | ✔ | ✔ | ✔ |
Single Sign-On | GitHub | GitHub, Google Workspace, OIDC, SAML, Teleport | GitHub, Google Workspace, OIDC, SAML, Teleport |
Audit logging and session recording
Community Edition | Enterprise | Cloud | |
---|---|---|---|
Enhanced Session Recording | ✔ | ✔ | ✔ |
Recording Proxy Mode | ✔ | ✔ | ✖ |
Session Recording with Playback | ✔ | ✔ | ✔ |
Structured Audit Logs | ✔ | ✔ | ✔ |
Compliance
Community Edition | Enterprise | Cloud | |
---|---|---|---|
FedRAMP Control | ✖ | ✔ | ✖ |
FIPS-compliant binaries available for FedRAMP High | ✖ | ✔ | ✖ |
IP-Based Restrictions | ✖ | ✔ | ✔ |
PCI DSS Features | Limited | ✔ | ✔ |
SOC 2 Features | Limited | ✔ | ✔ |
Identity
Available as an add-on to Teleport Enterprise
Community Edition | Enterprise | Cloud | |
---|---|---|---|
Access Monitoring & Response | ✖ | ✔ | ✔ |
Access Lists & Access Reviews | ✖ | ✔ | ✔ |
Device Trust | ✖ | ✔ | ✔ |
Endpoint Management: Jamf | ✖ | ✔ | ✔ |
JIT Access Requests | Limited | ✔ | ✔ |
Session & Identity Locks | ✖ | ✔ | ✔ |
Infrastructure access
Community Edition | Enterprise | Cloud | |
---|---|---|---|
Agentless Integration with OpenSSH Servers | ✔ | ✔ | ✔ |
Application Access | ✔ | ✔ | ✔ |
Database Access | ✔ | ✔ | ✔ |
Desktop Access | ✔ | ✔ | ✔ |
Kubernetes Access | ✔ | ✔ | ✔ |
Machine ID | ✔ | ✔ | ✔ |
Server Access | ✔ | ✔ | ✔ |
Licensing and usage management
Community Edition | Enterprise | Cloud | |
---|---|---|---|
Annual or multi-year contracts, volume discounts | ✖ | ✔ | ✔ |
Anonymized Usage Tracking | Opt-in | ✔ | ✔ |
License | Commercial | Commercial | Commercial |
Operations
Community Edition | Enterprise | Cloud | |
---|---|---|---|
Auth Service and Proxy Service Management | Self-hosted | Self-hosted | Fully managed |
Backend support | Any S3-compatible storage for session records, many managed backends for custom audit log storage. | Any S3-compatible storage for session records, many managed backends for custom audit log storage | All data is stored in DynamoDB and S3 with server-side encryption. |
Data storage location | Can store data anywhere in the world, on most managed cloud backends | Can store data anywhere in the world, on most managed cloud backends | Data is stored in Teleport's AWS infrastructure with audit logs/sessions optionally in customer AWS accounts. Proxy Service instances are deployed across the world for low-latency access. |
Hardware Security Module support for encryption at rest | ✖ | ✔ | ✖ |
Proxy Service domain name | Custom | Custom | A subdomain of teleport.sh |
Version support | All supported releases available to install and download. | All supported releases available to install and download. | Deploys last stable release with 2-3 week lag for stability. |
Support
Community Edition | Enterprise | Cloud | |
---|---|---|---|
Support | Community | 24x7 support with premium SLAs and account managers | 24x7 support with premium SLAs and account managers |