Search Guard can be used to secure your Elasticsearch cluster by working with different industry standard authentication techniques, like Kerberos, LDAP/Active Directory, JSON web tokens, TLS certificates and Proxy authentication/SSO.

Feature comparison

Feature Community Enterprise Compliance
REST- and Transport Layer encryption
Support for encryption at rest
Role-based access control
Index-Level security
Internal / Native authentication
HTTP Basic authentication
Proxy & PKI authentication
Pre-defined permission sets
Single permissions
Kibana Session Management
Anonymous access
Certificate Revocation Lists
Configuration hot-reload
Cross Cluster Search support
Active Directory
Kerberos / SPNEGO
JSON web token authentication
Custom authenticators
Document-level security
Field-level security
Audit Logging
Kibana SSO
Kibana multitenancy
Document read history
Document write history
Write-once indices
System integrity audit trails
Audit log event routing / SIEM integration

Where to go next

Download Search Guard
right now for a quick PoC.


Take a deep dive into Search Guard by reading the official documentation


Not sure which solution is the
best fit for your infrastructure?

Get in touch with us!