Rock solid Elasticsearch security on all levels

Search Guard® is an Open Source security suite for Elasticsearch and the entire ELK stack that offers encryption, authentication, authorization, audit logging and multi tenancy.

Whether you just want to encrypt data in transit, authenticate users against Active Directory, use Kerberos or JSON web tokens for Single Sign On or need to monitor and log malicious access attempts, Search Guard is your one-stop solution. And the best part is that the Community edition comes for free!

Community edition

  • Full data in transit encryption

  • Index level access control

  • HTTP basic authentication

  • User-, role- and permission management

  • Node-to-node encryption

  • Document type level access control

  • Proxy support

  • User Impersonation

Enterprise edition

  • Active Directory

  • LDAP

  • Kerberos / SPNEGO

  • Document level security

  • Field level security

  • JSON web token support

  • Audit logging

  • REST management API

  • Kibana multitenancy support

  • Works with encryption at rest

Search Guard supports

Open Source

Worried about backdoors or hidden functionality? Want to check that Search Guard does not “call home”? Need to do an internal audit before using Search Guard in production? While some of our features require a commercial license, we will keep the complete code open source. Download, inspect, evaluate.


You can choose whether to use Java Cryptography Extension (JCE) or native OpenSSL for SLL handling. OpenSSL is much faster than JCE, and offers a wider range of modern cipher suites, therefore we recommend using OpenSSL.

HTTP Proxy Authentication

Some organisations already have a single-sign-on or authentication solutions in place, like CA single sign on or Citrix Netscaler. Any of these authentication solutions that make the authenticated user available in the HTTP header can be integrated with Search Guard by using our proxy authentication module.


Search Guard Architecture

Where to go next

Install Search Guard and try out all of our features, for free, for an unlimited amount of time. Or download the Search Guard Bundle for a quick PoC.

Deep-dive into Search Guard by reading the official documentation over at GitHub.

Like what you see? We offer flexible and affordable enterprise licenses, based on production clusters, not the number of nodes. Read all about our fair license model here.