Teleport
How to Choose a Teleport Edition
- Version 15.x
- Version 14.x
- Version 13.x
- Version 12.x
- Older Versions
- Available for:
- OpenSource
- Team
- Cloud
- Enterprise
Teleport supports four editions. In this guide, we will help you determine which edition is most appropriate for your use case.
Editions
Teleport Team
Teleport Team makes it easier for small organizations to get started enabling secure access to their infrastructure. It includes a subset of Teleport Enterprise Cloud features, and teams can switch to Teleport Enterprise Cloud as they scale up.
Read more about Teleport Team.
Teleport Enterprise Cloud
Our team at Teleport manages the Auth and Proxy Services, giving you a running Teleport cluster where you can configure RBAC, set up Single Sign-On connectors, and register resources by deploying additional Teleport services.
Read more about Teleport Enterprise Cloud.
Teleport Enterprise
A self-hosted Teleport deployment for security-conscious organizations. Supports advanced features like Hardware Security Modules and FedRAMP compliance.
Read more about Teleport Enterprise.
Teleport Community Edition
We provide a free, open source distribution of Teleport that enables you to get secure access to databases, Windows desktops, Kubernetes clusters, and more.
Try out Teleport on a Linux server. If you would like to take a look at the source, visit the Teleport GitHub repository.
Comparing editions
Access controls
| Open Source | Enterprise | Cloud | Team | |
|---|---|---|---|---|
| Access Requests | Limited | ✔ | ✔ | ✖ |
| Single Sign-On | GitHub | GitHub, Google Workspace, OIDC, SAML, Teleport | GitHub, Google Workspace, OIDC, SAML, Teleport | GitHub, Teleport |
| Role-Based Access Control | ✔ | ✔ | ✔ | ✔ |
| Moderated Sessions | ✖ | ✔ | ✔ | ✖ |
| Device Trust | ✖ | ✔ | ✔ | ✖ |
| Dual Authorization | ✖ | ✔ | ✔ | ✖ |
| Hardware Key Support | ✖ | ✔ | ✔ | ✖ |
Infrastructure access
| Open Source | Enterprise | Cloud | Team | |
|---|---|---|---|---|
| Application Access | ✔ | ✔ | ✔ | ✔ |
| Server Access | ✔ | ✔ | ✔ | ✔ |
| Database Access | ✔ | ✔ | ✔ | ✔ |
| Desktop Access | ✔ | ✔ | ✔ | ✔ |
| Kubernetes Access | ✔ | ✔ | ✔ | ✔ |
| Machine ID | ✔ | ✔ | ✔ | ✔ |
| Agentless Integration with OpenSSH Servers | ✔ | ✔ | ✔ | ✔ |
Audit logging and session recording
| Open Source | Enterprise | Cloud | Team | |
|---|---|---|---|---|
| Structured Audit Logs | ✔ | ✔ | ✔ | ✔ |
| Session Recording with Playback | ✔ | ✔ | ✔ | ✔ |
| Recording Proxy Mode | ✔ | ✔ | ✖ | ✖ |
| Enhanced Session Recording | ✔ | ✔ | ✔ | ✔ |
Compliance
| Open Source | Enterprise | Cloud | Team | |
|---|---|---|---|---|
| FedRAMP Control | ✖ | ✔ | ✖ | ✖ |
| PCI DSS Features | Limited | ✔ | ✔ | Limited |
| SOC 2 Features | Limited | ✔ | ✔ | Limited |
| FIPS-compliant binaries available for FedRAMP High | ✖ | ✔ | ✖ | ✖ |
| IP-Based Restrictions | ✖ | ✔ | ✔ | ✖ |
Operations
| Open Source | Enterprise | Cloud | Team | |
|---|---|---|---|---|
| Auth and Proxy Service Management | Self-hosted | Self-hosted | Fully managed | Fully managed |
| Proxy Service domain name | Custom | Custom | A subdomain of teleport.sh | A subdomain of teleport.sh |
| Version support | All supported releases available to install and download. | All supported releases available to install and download. | Deploys last stable release with 2-3 week lag for stability. | Deploys last stable release with 2-3 week lag for stability. |
| Backend support | Any S3-compatible storage for session records, many managed backends for custom audit log storage. | Any S3-compatible storage for session records, many managed backends for custom audit log storage | All data is stored in DynamoDB and S3 with server-side encryption. | All data is stored in DynamoDB and S3 with server-side encryption. |
| Data storage location | Can store data anywhere in the world, on most managed cloud backends | Can store data anywhere in the world, on most managed cloud backends | Data is stored in us-west-2, with Proxy Service instances deployed across the world for low-latency access. | Data is stored in us-west-2, with Proxy Service instances deployed across the world for low-latency access. |
| Hardware Security Module support for encryption at rest | ✖ | ✔ | ✖ | ✖ |
Support
| Open Source | Enterprise | Cloud | Team | |
|---|---|---|---|---|
| Support | Community | 24x7 support with premium SLAs and account managers | 24x7 support with premium SLAs and account managers | Community |
Licensing and usage management
| Open Source | Enterprise | Cloud | Team | |
|---|---|---|---|---|
| Annual or multi-year contracts, volume discounts | ✖ | ✔ | ✔ | ✖ |
| License | Apache 2 | Commercial | Commercial | Commercial |
| Anonymized Usage Tracking | Opt-in | ✔ | ✔ | ✔ |