Fork me on GitHub

Teleport

How to Choose a Teleport Edition

Improve

Teleport supports four editions. In this guide, we will help you determine which edition is most appropriate for your use case.

Editions

Teleport Team

Teleport Team makes it easier for small organizations to get started enabling secure access to their infrastructure. It includes a subset of Teleport Enterprise Cloud features, and teams can switch to Teleport Enterprise Cloud as they scale up.

Read more about Teleport Team.

Teleport Enterprise Cloud

Our team at Teleport manages the Auth and Proxy Services, giving you a running Teleport cluster where you can configure RBAC, set up Single Sign-On connectors, and register resources by deploying additional Teleport services.

Read more about Teleport Enterprise Cloud.

Teleport Enterprise

A self-hosted Teleport deployment for security-conscious organizations. Supports advanced features like Hardware Security Modules and FedRAMP compliance.

Read more about Teleport Enterprise.

Teleport Community Edition

We provide a free, open source distribution of Teleport that enables you to get secure access to databases, Windows desktops, Kubernetes clusters, and more.

Try out Teleport on a Linux server. If you would like to take a look at the source, visit the Teleport GitHub repository.

Comparing editions

Access controls

Open SourceEnterpriseCloudTeam
Access RequestsLimited
Single Sign-OnGitHubGitHub, Google Workspace, OIDC, SAML, TeleportGitHub, Google Workspace, OIDC, SAML, TeleportGitHub, Teleport
Role-Based Access Control
Moderated Sessions
Device Trust

Infrastructure access

Open SourceEnterpriseCloudTeam
Application Access
Server Access
Database Access
Desktop Access
Kubernetes Access
Machine ID
Agentless Integration with OpenSSH Servers

Audit logging and session recording

Open SourceEnterpriseCloudTeam
Structured Audit Logs
Session Recording with Playback
Recording Proxy Mode
Enhanced Session Recording

Compliance

Open SourceEnterpriseCloudTeam
FedRAMP Control
PCI DSS FeaturesLimitedLimited
SOC 2 FeaturesLimitedLimited
FIPS-compliant binaries available for FedRAMP High
IP-Based Restrictions

Operations

Open SourceEnterpriseCloudTeam
Auth and Proxy Service ManagementSelf-hostedSelf-hostedFully managedFully managed
Proxy Service domain nameCustomCustomA subdomain of teleport.shA subdomain of teleport.sh
Version supportAll supported releases available to install and download.All supported releases available to install and download.Deploys last stable release with 2-3 week lag for stability.Deploys last stable release with 2-3 week lag for stability.
Backend supportAny S3-compatible storage for session records, many managed backends for custom audit log storage.Any S3-compatible storage for session records, many managed backends for custom audit log storageAll data is stored in DynamoDB and S3 with server-side encryption.All data is stored in DynamoDB and S3 with server-side encryption.
Data storage locationCan store data anywhere in the world, on most managed cloud backendsCan store data anywhere in the world, on most managed cloud backendsData is stored in us-west-2, with Proxy Service instances deployed across the world for low-latency access.Data is stored in us-west-2, with Proxy Service instances deployed across the world for low-latency access.
Hardware Security Module support for encryption at rest

Support

Open SourceEnterpriseCloudTeam
SupportCommunity24x7 support with premium SLAs and account managers24x7 support with premium SLAs and account managersCommunity

Licensing and usage management

Open SourceEnterpriseCloudTeam
Annual or multi-year contracts, volume discounts
LicenseApache 2CommercialCommercialCommercial
Anonymized Usage TrackingOpt-in