Frequently Asked Questions

Search Guard is an independent implementation of a security access layer for Elasticsearch and is completely independent of Elasticsearch’s own security offerings.

Search Guard offers similar functionality as competitor products and adds additional features on top, with a flexible licensing model. Additional features include:

  • OpenSSL support
  • Kerberos support
  • JSON web token
  • OpenID / JWKS
  • Kibana multitenancy
  • HTTP Proxy Authentication support
  • Read- and write history compliance audit trails
  • Field anonymization
  • Immutable indices
  • Open Source

Licenses for Search Guard are based on production clusters, not nodes. That means that you can scale your cluster up and down as necessary, without affecting the license costs. Development, staging, integration and QA/AUT-systems are covered by the license as well at no additional cost.

Search Guard runs on mission-critical production clusters protecting sensitive data in the finance, healthcare, pharmaceutical, aviation, telecommunications, security, and data intelligence industries. The cluster sizes range from typical ELK installations to hundreds of data nodes storing petabytes of data.

For a list of Enterprise integrations, including Red Hat Open Shift and Pivotal Cloud Foundry, please see the list of integrators.

We also support non-profit organizations under our Scientific and Academic licensing programme. Customers include Harvard Law School, Princeton University, University of Chicago, Karlsruhe Institute of Technology (KIT), Université Laval or Centre de Calcul de l’Institut National de Physique Nucléaire (France).

Our complete code is Open Source, so in addition to our own quality processes it has been audited several times by security experts and auditors of our customers.

Search Guard also participates in CA Veracode Verified, a program that validates a company’s secure software development processes, and has reached the verified status. CA Veracode Verified empowers us to demonstrate our commitment to creating secure software:

https://www.veracode.com/verified/directory
https://www.veracode.com/ratings/floragunngmbh

We are also member of the IT Security Association Germany (TeleTrusT). TeleTrusT is a widespread competence network for IT security comprising members from industry, administration, consultancy and research as well as national and international partner organizations with similar objectives.

We also participate in the Alliance for CybersecurityThe Alliance for Cyber Security is an initiative of the Federal Office for Information Security (BSI) founded in cooperation with the Federal Association for Information Technology, Telecommunications and New Media (BITKOM).

Search Guard is dual licensed: all basic security features in the Community Edition are free, while you need to obtain a license in order to use the Enterprise or Compliance Edition in production. All free and enterprise features are listed in our feature comparison matrix.

We license Search Guard per production cluster, not number of nodes. The regular license has no limits regarding the number of nodes, so you can scale your cluster indefinitely without additional costs. All other systems, like development, staging, integration, test and the like are included in the license. Scale your cluster, not your cost!

We also offer discounted licenses for small installations with 5 nodes or less. Get in contact with us and we will work out a licensing model that fits your needs.

The easiest way to set up a PoC and try out all Search Guard features is to use the Search Guard Demo Installer:

Search Guard Demo Installer

The installer comes with a trial license that enables all Enterprise and Compliance features for 60 days. If you need to extend your Search Guard trial, just get in contact with us and we’re happy to provide you with an extended license.

Once you take Search Guard into production you must purchase an Enterprise license.

You can test all of our Enterprise features for 60 days.

Search Guard 6 already comes with all modules installed, and a Trial License is automatically generated when you start Search Guard for the first time. So just install the Search Guard plugin and you’re good to go!

For Search Guard 5, each enterprise feature comes as a separate jar file and lives in its own repository on GitHub. You can either:

  • download the jar file(s) from Maven Central
  • clone the repository and build the jar yourself with a simple mvn install command

Please refer to the documentation for detailed installation instructions.

Search Guard support can be booked from us directly or from one of our business partners. If you’re looking for a combined offering, including Search Guard and Elasticsearch, you can get a support package from:

Excelerate Systems
Sematext

We also provide community support on the official Search Guard Google Group.

We believe that any security related software has to be Open Source by definition. You as a customer need to have the possibility to inspect our code and run your own security audits on it if required.

With closed source software, the only option you have is to trust the vendor. You can’t be sure that there are no security holes or backdoors in the software, or that it does not “call home”. If you’re serious about the security of your data, closed source is simply not an option.

However, it is important to understand that it is illegal to take our enterprise features into production without purchasing a license. This can lead to serious legal consequences, which can bring more harm and costs to a company than our fair and user-oriented pricing and licensing model.

All features will continue to work, but you need to renew your license. We will get in touch with you when the license is about to expire. The regular run-time of a license is one year, but it is possible to purchase licenses for a longer period of time. Get in contact with us and we will be happy to find the best solution for your needs.

Search Guard is fully compatible with the Elastic Stack, including:

  • Kibana
  • Logstash
  • Beats
  • X-Pack Monitoring
  • X-Pack Alerting
  • X-Pack Machine Learning

Search Guard also provides true multitenancy for Kibana: you can fully separate Dashboards, Visualizations and Saved Searches by user and role.

Please refer to the compatibility section of the documentation for further information.

Not finding an answer to your question?
Just contact us, and we’ll get back to you as soon as possible.

Any questions left?

Community support is available via the Search Guard Forum.

Forum

Read the material which contains instructions and explanations around set up and configuration.

Documentation

See our blog topics for in depth information on selected subjects.

Blog
pmeloFAQ