Teleport supports three editions. In this guide, we will help you determine which edition is most appropriate for your use case.
Editions
Teleport Community Edition
We provide a free, open source distribution of Teleport that enables you to get secure access to databases, Windows desktops, Kubernetes clusters, and more.
Try out Open Source Teleport on a Linux server. If you would like to take a look at the source, visit the Teleport GitHub repository.
Teleport Enterprise Cloud
Our team at Teleport manages the Auth and Proxy Services, giving you a running Teleport cluster where you can configure RBAC, set up Single Sign-On connectors, and register resources by deploying additional Teleport services.
Read more about Teleport Enterprise Cloud.
Teleport Enterprise
A self-hosted Teleport deployment for security-conscious organizations. Supports advanced features like Hardware Security Modules and FedRAMP compliance.
Read more about Teleport Enterprise.
Comparing editions
Access controls
Open Source | Enterprise | Cloud | |
---|---|---|---|
Access Requests | Limited | ✔ | ✔ |
Single Sign-On | GitHub | GitHub, Google Workspace, OIDC, SAML | GitHub, Google Workspace, OIDC, SAML |
Role-Based Access Control | ✔ | ✔ | ✔ |
Moderated Sessions | ✖ | ✔ | ✔ |
Infrastructure access
Open Source | Enterprise | Cloud | |
---|---|---|---|
Application Access | ✔ | ✔ | ✔ |
Server Access | ✔ | ✔ | ✔ |
Database Access | ✔ | ✔ | ✔ |
Desktop Access | ✔ | ✔ | ✔ |
Kubernetes Access | ✔ | ✔ | ✔ |
Machine ID | ✔ | ✔ | ✔ |
Agentless integration with OpenSSH servers | ✔ | ✔ | ✔ |
Session recording
Open Source | Enterprise | Cloud | |
---|---|---|---|
Recording Proxy Mode | ✔ | ✔ | ✖ |
Enhanced Session Recording | ✔ | ✔ | ✔ |
Compliance
Open Source | Enterprise | Cloud | |
---|---|---|---|
FedRAMP Control | ✖ | ✔ | ✖ |
PCI DSS Features | Limited | ✔ | ✔ |
SOC 2 Features | Limited | ✔ | ✔ |
FIPS-compliant binaries available for FedRAMP High | ✖ | ✔ | ✖ |
Operations
Open Source | Enterprise | Cloud | |
---|---|---|---|
Auth and Proxy Service management | Self-hosted | Self-hosted | Fully managed |
Proxy Service domain name | Custom | Custom | A subdomain of teleport.sh |
Version support | All supported releases available to install and download. | All supported releases available to install and download. | Deploys last stable release with 2-3 week lag for stability. |
Backend support | Any S3-compatible storage for session records, many managed backends for custom audit log storage. | Any S3-compatible storage for session records, many managed backends for custom audit log storage | All data is stored in DynamoDB and S3 with server-side encryption |
Data storage location | Can store data anywhere in the world, on most managed cloud backends | Can store data anywhere in the world, on most managed cloud backends | Data is stored in us-west-2 , with Proxy Service instances deployed across the world for low-latency access |
Hardware Security Module support for encryption at rest | ✖ | ✔ | ✖ |
Support
Open Source | Enterprise | Cloud | |
---|---|---|---|
Support | Best-effort, community | 24x7 support with premium SLAs and account managers | 24x7 support with premium SLAs and account managers |
Licensing and usage management
Open Source | Enterprise | Cloud | |
---|---|---|---|
Annual or multi-year contracts, volume discounts | ✖ | ✔ | ✔ |
License | Apache 2 | Commercial | Commercial |
Usage tracking | ✖ | ✖ | Enables you to track the number of users per protocol. |