Search Guard can be used to secure your Elasticsearch cluster by working with different industry standard authentication techniques, like Kerberos, LDAP/Active Directory, JSON web tokens, TLS certificates and Proxy authentication/SSO.

Feature comparison

Feature Community Enterprise Compliance
REST- and Transport Layer encryption
Support for encryption at rest
Role-based access control
Index-Level security
Internal / Native authentication
HTTP Basic authentication
Proxy & PKI authentication
Pre-defined permission sets
Single permissions
Kibana Session Management
Anonymous access
Certificate Revocation Lists
Configuration hot-reload
Cross Cluster Search support
Active Directory
Kerberos / SPNEGO
JSON web token authentication
Custom authenticators
REST management API
Document-level security
Field-level security
Audit Logging
Kibana SSO
Kibana multitenancy
Configuration GUI
Read history audit logging
Write history audit logging
Field anonymization
Immutable indices
Event routing
Elasticsearch installation monitoring
Search Guard configuration monitoring

Where to go next

Download Search Guard
right now for a quick PoC.


Take a deep dive into Search Guard by reading the official documentation


Not sure which solution is the
best fit for your infrastructure?

Get in touch with us!