Version: 18.x (unreleased)

Teleport Feature Matrix

The Teleport feature matrix lists capabilities of the Teleport Infrastructure Identity Platform, organized by product.

Teleport Zero Trust Access

Teleport Enterprise (Cloud)Teleport Enterprise (Self-Hosted)Teleport Community Edition
Agentless Integration with OpenSSH Servers
Dual Authorization
Enhanced Session Recording
FedRAMP Control
FIPS-compliant binaries available for FedRAMP High
IP-Based Restrictions
Moderated Sessions
PCI DSS FeaturesLimited
Protecting Applications
Protecting Databases
Protecting Kubernetes Clusters
Protecting Linux Servers
Protecting Windows Desktops
Recording Proxy Mode
Role-Based Access Control
Session Recording with Playback
Single Sign-OnGitHub, Google Workspace, OIDC, SAML, TeleportGitHub, Google Workspace, OIDC, SAML, TeleportGitHub
SOC 2 FeaturesLimited
Structured Audit Logs

Teleport Identity Governance

Teleport Enterprise (Cloud)Teleport Enterprise (Self-Hosted)Teleport Community Edition
Access Lists & Access Reviews
Access Monitoring & Response
Device Trust
Endpoint Management: Jamf
Hardware Key Support
Hardware Security Module support for encryption at rest
JIT Access RequestsLimited
Session & Identity Locks

Teleport Machine & Workload Identity

Teleport Enterprise (Cloud)Teleport Enterprise (Self-Hosted)Teleport Community Edition
Machine Access
Flexible Workload Identities

Teleport Identity Security

Teleport Enterprise (Cloud)Teleport Enterprise (Self-Hosted)Teleport Community Edition
Identity Security
Crown Jewel Monitoring
SSH Key Scanning

Management and licensing

Teleport Enterprise (Cloud)Teleport Enterprise (Self-Hosted)Teleport Community Edition
Annual or multi-year contracts, volume discounts
Anonymized Usage TrackingOpt-in
Auth Service and Proxy Service ManagementFully managedSelf-hostedSelf-hosted
Backend supportAll data is stored in DynamoDB and S3 with server-side encryption.Any S3-compatible storage for session records, many managed backends for custom audit log storageAny S3-compatible storage for session records, many managed backends for custom audit log storage.
Data storage locationData is stored in Teleport's AWS infrastructure with audit logs/sessions optionally in customer AWS accounts. Proxy Service instances are deployed across the world for low-latency access.Can store data anywhere in the world, on most managed cloud backendsCan store data anywhere in the world, on most managed cloud backends
LicenseCommercialCommercialCommercial
Proxy Service domain nameA subdomain of teleport.shCustomCustom
Support24x7 support with premium SLAs and account managers24x7 support with premium SLAs and account managersCommunity
Version supportDeploys last stable release with 2-3 week lag for stability.All supported releases available to install and download.All supported releases available to install and download.

Teleport editions

Teleport includes two editions:

  • Teleport Community Edition: An open source offering intended for demos and small teams.
  • Teleport Enterprise: A fully-featured commercial offering.

Teleport Enterprise offers two deployment options:

  • Cloud: The Teleport team manages the Teleport Auth Service and Teleport Proxy Service on the Teleport Cloud infrastructure.
  • Self-Hosted: Teleport users deploy the Teleport Auth Service and Teleport Proxy Service on their own infrastructure.

Teleport Enterprise includes add-on products that provide a more complete infrastructure identity solution, which this guide explains in more detail below.