Teleport Workload Identity with SPIFFE: Achieving Zero Trust in Modern Infrastructure
May 23
Virtual
Register Today
Support
LOG IN
Teleport logoTry For Free
Contact SalesTry for Free
Support
LOG IN
Fork me on GitHub

Teleport

How to Choose a Teleport Edition

Version 15.x

Teleport supports three editions. In this guide, we will help you determine which edition is most appropriate for your use case.

Editions

Teleport Enterprise Cloud

Our team at Teleport manages the Auth and Proxy Services, giving you a running Teleport cluster where you can configure RBAC, set up Single Sign-On connectors, and register resources by deploying additional Teleport services.

Read more about Teleport Enterprise Cloud.

Teleport Enterprise

A self-hosted Teleport deployment for security-conscious organizations. Supports advanced features like Hardware Security Modules and FedRAMP compliance.

Read more about Teleport Enterprise.

Teleport Community Edition

We provide a free, open source distribution of Teleport that enables you to get secure access to databases, Windows desktops, Kubernetes clusters, and more.

Try out Teleport on a Linux server. If you would like to take a look at the source, visit the Teleport GitHub repository.

Comparing editions

Access Controls

Community EditionEnterpriseCloud
Dual Authorization
Hardware Key Support
Moderated Sessions
Role-Based Access Control
Single Sign-OnGitHubGitHub, Google Workspace, OIDC, SAML, TeleportGitHub, Google Workspace, OIDC, SAML, Teleport

Audit logging and session recording

Community EditionEnterpriseCloud
Enhanced Session Recording
Recording Proxy Mode
Session Recording with Playback
Structured Audit Logs

Compliance

Community EditionEnterpriseCloud
FedRAMP Control
FIPS-compliant binaries available for FedRAMP High
IP-Based Restrictions
PCI DSS FeaturesLimited
SOC 2 FeaturesLimited

Identity

Available as an add-on to Teleport Enterprise

Community EditionEnterpriseCloud
Access Monitoring & Response
Access Lists & Access Reviews
Device Trust
Endpoint Management: Jamf
JIT Access RequestsLimited
Session & Identity Locks

Infrastructure access

Community EditionEnterpriseCloud
Agentless Integration with OpenSSH Servers
Application Access
Database Access
Desktop Access
Kubernetes Access
Machine ID
Server Access

Licensing and usage management

Community EditionEnterpriseCloud
Annual or multi-year contracts, volume discounts
Anonymized Usage TrackingOpt-in
LicenseApache 2CommercialCommercial

Operations

Community EditionEnterpriseCloud
Auth Service and Proxy Service ManagementSelf-hostedSelf-hostedFully managed
Backend supportAny S3-compatible storage for session records, many managed backends for custom audit log storage.Any S3-compatible storage for session records, many managed backends for custom audit log storageAll data is stored in DynamoDB and S3 with server-side encryption.
Data storage locationCan store data anywhere in the world, on most managed cloud backendsCan store data anywhere in the world, on most managed cloud backendsData is stored in Teleport's AWS infrastructure with audit logs/sessions optionally in customer AWS accounts. Proxy Service instances are deployed across the world for low-latency access.
Hardware Security Module support for encryption at rest
Proxy Service domain nameCustomCustomA subdomain of teleport.sh
Version supportAll supported releases available to install and download.All supported releases available to install and download.Deploys last stable release with 2-3 week lag for stability.

Support

Community EditionEnterpriseCloud
SupportCommunity24x7 support with premium SLAs and account managers24x7 support with premium SLAs and account managers