In a nutshell

Search Guard (®) is an Elasticsearch plugin that offers encryption, authentication, and authorization. It builds on Search Guard SSL and provides pluggable auth/auth modules in addition.

Search Guard offers all basic security features for free. If you need enterprise features, we offer a very flexible licensing model and support. Tailored to your needs if none of our packages fit.

Search Guard is an independent implementation of a security access layer for Elasticsearch. Search Guard is completely independent from Elasticsearch own security offerings. Elasticsearch, Kibana and Logstash are trademarks of Elasticsearch BV, registered in the U.S. and in other countries. floragunn GmbH is not affiliated with Elasticsearch BV.

Download Overview PDF


Search Guard (®) is an alternative to other security solutions for Elasticsearch and offers the following features in addition :

OpenSSL support

You can choose whether to use Java Cryptography Extension (JCE) or native OpenSSL for SLL handling. OpenSSL is much faster than JCE, and offers a wider range of modern cipher suites, therefore we recommend using OpenSSL.

JWT support

Authenticate users by providing JSON web tokens.

HTTP Proxy Authentication

Some organisations already have a single-sign-on or authentication solutions in place, like CA single sign on or Citrix Netscaler. Any of these authentication solutions that make the authenticated user available in the HTTP header can be integrated with Search Guard by using our proxy authentication module.

Source code available

Worried about backdoors or hidden functionality? Want to check that Search Guard does not “call home”? Need to do an internal audit before using Search Guard in production? While some of our features require a commercial license, we will keep the complete code open source. Download, inspect, evaluate.

Download Overview PDF

If you’re interested in Search Guard or have additional questions, get in touch with us!

Subject *

Elasticsearch version *