close

Is accessing your infrastructure a big hassle? Teleport over to Keeper.

Simpler, more secure deployment for a better price. Switch to Keeper Connection Manager today!

Try Now Contact Sales

Robust Platform vs. Stand-Alone Tool

Robust Platform vs. Stand-Alone Tool

Keeper provides thousands of enterprises and millions of users with robust connection management and privileged access management (PAM) capabilities, integrated into the world’s most secure enterprise password management and secrets management platform. Keeper Connection Manager, Keeper's remote access gateway, is fully integrated into the Keeper ecosystem, which protects organizations from password-related data breaches and cyberthreats.

Teleport is a stand-alone connection tool for software engineers that provides access to infrastructure through the use of short-lived certificates.

Agentless and Clientless

Keeper Connection Manager is 100% agentless and clientless. No configuration or 3rd party services need to be installed on the target instances, and there is no risk of breach from 3rd party agents. Keeper Connection Manager only requires a simple Docker container to be installed in the target environment.

Teleport requires installation of agent software on every endpoint that will be accessed. In addition, it requires the installation of an auth server and a proxy server. Depending on what your users are accessing, you may also need to install clients like ‘tsh.’

Agentless and Clientless

Zero-Knowledge and Zero-Trust

Like the rest of the Keeper ecosystem, Keeper Connection Manager is both zero-knowledge and zero-trust. Keeper cannot access the infrastructure that is managed by the customer. When coupled with Keeper Secrets Manager for credential storage, Keeper provides zero-knowledge encryption of service account passwords and other access credentials.

Teleport Cloud is hosted by Gravitational and routes all connections through a centralized proxy. Unauthorized access to the Auth Server grants certificates that can login to any managed host. Depending on the use case, the TLS session may be decrypted on the server.

Deployment Model

Keeper Connection Manager is easy to deploy on any device using a lightweight Docker container.

Simple Deployment Model

Teleport's deployment model is extremely complex and requires an agent, a central proxy, and a central auth server. Additionally, per Teleport’s own documentation, the solution utilizes features that are not considered "production-ready." Teleport software must be deployed on every instance.

Support for Native RDP and SSH Protocols

Keeper Connection Manager uses standard RDP connections that do not require an admin to reconfigure the organization’s entire data environment. The credentials used to access the destination server are managed by the admin and are never exposed to the end user. Session recordings are available for auditing purposes.

For RDP access, Teleport requires access to the domain controller, a Linux instance, GPO changes, approval of a Teleport CA, and implementation of Smart Card APIs. This method of desktop access is extremely complex and works outside of the norm for the typical enterprise setup. Additionally, Teleport’s RDP sessions cannot be recorded for auditing purposes.

Support for Native RDP and SSH Protocols
Security Model of Teleport Auth Server

Security Model of Teleport Auth Server

The Keeper Connection Manager gateway can be completely locked down to the customer's infrastructure to limit access between the client device and the target server. Secrets that are used to connect to the target servers can be managed within the Keeper Secrets Manager encrypted vault. Pass-through credentials also provide dynamic access to the target instances for any user without storage of secrets anywhere in the gateway.

Teleport Auth Server issues short-lived credentials and is a single point of compromise. Compromise of Teleport Auth Server would permit access to any node running the Teleport agent. This system also hosts a User CA -- this is a long-lived key, and exfiltration of this signing key permits an attacker to mint their own credentials to any Teleport-managed host. The Teleport architecture provides a much larger attack surface.

Detailed Monitoring, Auditing and Reporting Options

Keeper offers extensive reporting on privileged user behavior. In addition to providing aggregate security audits, Keeper also provides event logging for over 140 event types, event-based alerts, and integration with popular 3rd party SIEM solutions. Keeper’s compliance reporting functionality also allows admins to monitor and report the access permissions of privileged accounts across the entire organization, in a zero-trust and zero-knowledge security environment.

Teleport has limited reporting and monitoring tools. It offers no password event data logging or robust compliance reporting functionality.

Detailed Monitoring, Auditing and Reporting Options
Organization and Sharing Capabilities

Organization and Sharing Capabilities

In Keeper Connection Manager's model, end users have no access to the underlying credentials used to broker the connection. Keeper allows you to access systems the way you currently use them, with service accounts, local accounts, admin credentials or pass-through dynamic credentials.

For desktop access, Teleport requires the use of certificate-based authentication, which involves modifying the way your teams currently connect to targets, and making configuration changes on your domain controllers.

Modern Cloud-Based Secrets Management

Keeper Secrets Manager is a fully managed, cloud-based, zero-knowledge platform for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data, integrated directly into Keeper.

Teleport does not offer secrets management or encryption of digital assets.

Modern Cloud-Based Secrets Management
Market Leading Security Infrastructure and Policies

Market Leading Security Infrastructure and Policies

Keeper has had the longest-standing SOC2 and ISO 27001 certification in the industry. Keeper utilizes best-in-class security, with a zero-trust framework and zero-knowledge security architecture that protects customer data with multiple layers of encryption keys at the vault, shared folder and record levels.

Keeper Security Government Cloud is FedRAMP Authorized and supports compliance with the United States International Traffic in Arms Regulations (ITAR).

Teleport has only been SOC2 certified since 2021, and this does not cover their cloud platform.

*Source: https://goteleport.com/blog/soc2-certification-table-stakes-for-b2b-saas/

Trusted by millions of people and thousands of businesses

Ready to Teleport to Keeper?

Switch to Keeper Now

close
English (US) Call Us