Teleport Feature Matrix
The Teleport feature matrix lists capabilities of the Teleport Infrastructure Identity Platform, organized by product.
Teleport Zero Trust Access
|Teleport Enterprise (Cloud)
|Teleport Enterprise (Self-Hosted)
|Teleport Community Edition
|Agentless Integration with OpenSSH Servers
|✔
|✔
|✔
|Dual Authorization
|✔
|✔
|✖
|Enhanced Session Recording
|✔
|✔
|✔
|FedRAMP Control
|✖
|✔
|✖
|FIPS-compliant binaries available for FedRAMP High
|✖
|✔
|✖
|IP-Based Restrictions
|✔
|✔
|✖
|Moderated Sessions
|✔
|✔
|✖
|PCI DSS Features
|✔
|✔
|Limited
|Protecting Applications
|✔
|✔
|✔
|Protecting Databases
|✔
|✔
|✔
|Protecting Kubernetes Clusters
|✔
|✔
|✔
|Protecting Linux Servers
|✔
|✔
|✔
|Protecting Windows Desktops
|✔
|✔
|✔
|Recording Proxy Mode
|✖
|✔
|✔
|Role-Based Access Control
|✔
|✔
|✔
|Session Recording with Playback
|✔
|✔
|✔
|Single Sign-On
|GitHub, Google Workspace, OIDC, SAML, Teleport
|GitHub, Google Workspace, OIDC, SAML, Teleport
|GitHub
|SOC 2 Features
|✔
|✔
|Limited
|Structured Audit Logs
|✔
|✔
|✔
Teleport Identity Governance
Teleport Machine & Workload Identity
|Teleport Enterprise (Cloud)
|Teleport Enterprise (Self-Hosted)
|Teleport Community Edition
|Machine Access
|✔
|✔
|✔
|Flexible Workload Identities
|✔
|✔
|✔
Teleport Identity Security
|Teleport Enterprise (Cloud)
|Teleport Enterprise (Self-Hosted)
|Teleport Community Edition
|Identity Security
|✔
|✔
|✖
|Crown Jewel Monitoring
|✔
|✔
|✖
|SSH Key Scanning
|✔
|✔
|✖
Management and licensing
|Teleport Enterprise (Cloud)
|Teleport Enterprise (Self-Hosted)
|Teleport Community Edition
|Annual or multi-year contracts, volume discounts
|✔
|✔
|✖
|Anonymized Usage Tracking
|✔
|✔
|Opt-in
|Auth Service and Proxy Service Management
|Fully managed
|Self-hosted
|Self-hosted
|Backend support
|All data is stored in DynamoDB and S3 with server-side encryption.
|Any S3-compatible storage for session records, many managed backends for custom audit log storage
|Any S3-compatible storage for session records, many managed backends for custom audit log storage.
|Data storage location
|Data is stored in Teleport's AWS infrastructure with audit logs/sessions optionally in customer AWS accounts. Proxy Service instances are deployed across the world for low-latency access.
|Can store data anywhere in the world, on most managed cloud backends
|Can store data anywhere in the world, on most managed cloud backends
|License
|Commercial
|Commercial
|Commercial
|Proxy Service domain name
|A subdomain of
teleport.sh
|Custom
|Custom
|Support
|24x7 support with premium SLAs and account managers
|24x7 support with premium SLAs and account managers
|Community
|Version support
|Deploys last stable release with 2-3 week lag for stability.
|All supported releases available to install and download.
|All supported releases available to install and download.
Teleport editions
Teleport includes two editions:
- Teleport Community Edition: An open source offering intended for demos and small teams.
- Teleport Enterprise: A fully-featured commercial offering.
Teleport Enterprise offers two deployment options:
- Cloud: The Teleport team manages the Teleport Auth Service and Teleport Proxy Service on the Teleport Cloud infrastructure.
- Self-Hosted: Teleport users deploy the Teleport Auth Service and Teleport Proxy Service on their own infrastructure.
Teleport Enterprise includes add-on products that provide a more complete infrastructure identity solution, which this guide explains in more detail below.