Skip to main content

Pomerium Enterprise

Pomerium Enterprise is built on our open-source Pomerium Core offering. Pomerium Enterprise makes Pomerium easier to manage at scale, and adds additional functionality aimed at organizations with auditing, compliance, governance, and risk management needs.

Pomerium Enterprise Features

Pomerium Enterprise comes with all the capabilities in Pomerium Core, plus the following features:

Enterprise Console

The Enterprise Console provides a dashboard where you can view traffic and logs, manage routes and policies, import external data, configure global and namespaced settings, and more.

An overview animation of the Pomerium Enterprise Console

Enterprise API

The Enterprise API helps you manage your configuration with your preferred programming language or infrastructure management tool.

Everything that is manageable in the Enterprise Console can also be driven programmatically through the Enterprise API.

Session Management

The Sessions dashboard allows you to view and manage sessions within your organization. Admin members can export session data and revoke sessions in real time.

View and manage sessions in the Enterprise Console's Sessions dashboard

Pomerium Enterprise

Ready to upgrade to Pomerium Enterprise? Contact us today to get started.

Namespaces and Self-Service

The Namespaces dashboard is where you configure user roles and permissions for routes, policies, and the Enterprise Console itself. Once you’ve configured a Namespace, members of that namespace can self-manage access to the infrastructure they build from or depend on.

Pomerium Enterprise allows you to import groups defined by your identity provider. This allows you to build stable policies that don’t require adjustments as your company changes.

Manage Namespaces in the Enterprise Console's Namespaces dashboard

Deployment History and Audit Logs

The Deployments dashboard allows you to view and export change logs from the Enterprise Console. Select a change to review which user applied it and when.

View deployments in the Enterprise Console's Deployments dashboard

Directory Sync

Pomerium Enterprise's Directory Sync feature allows you to import your identity provider's directory data. After a successful sync, you can use your internal groups and teams data when building policies. Viewing the Identity Providers settings for a directory sync in the Enterprise Console

External Data Sources

In the External Data dashboard, you can import, view, and manage external data sources. After a successful sync, you can use data unique to your organization to serve as context in your authorization policies. Using the External Data Source Record type in a policy

Pomerium Enterprise features comparison

FeaturesPomerium CorePomerium Enterprise
Identity-based AccessPomerium checkmarkPomerium checkmark
SSO SupportPomerium checkmarkPomerium checkmark
Declarative Authorization PolicyPomerium checkmarkPomerium checkmark
TCP SupportPomerium checkmarkPomerium checkmark
Enterprise ConsolePomerium checkmark
Enterprise APIPomerium checkmark
Session ManagementPomerium checkmark
NamespacesPomerium checkmark
Directory SyncPomerium checkmark
User ImpersonationPomerium checkmark
Deployment HistoryPomerium checkmark
Device IdentityPomerium checkmark
Custom BrandingPomerium checkmark
Service AccountsPomerium checkmark
MetricsPomerium checkmark
External Data SourcesPomerium checkmark

Next Steps

Pomerium Enterprise

Already upgraded to Pomerium Enterprise, but need some help setting up the Enterprise Console?

The following docs can help: