diff --git a/docs/pages/faq.mdx b/docs/pages/faq.mdx index 76ff9e6b337c0..139a7544d5b86 100644 --- a/docs/pages/faq.mdx +++ b/docs/pages/faq.mdx @@ -116,19 +116,28 @@ Teleport offers this feature for the [Enterprise versions of Teleport](choose-an ## Does Teleport send any data back to the cloud? -The open source and Enterprise editions of Teleport do not send any information -to our company, and can be used on servers without internet access. +The open source edition of Teleport does not send any information to our +company, and can be used on servers without internet access. The commercial editions of Teleport can optionally be configured to send anonymized information, depending on the license purchased. This information contains the following: -- Anonymized user ID: SHA256 hash of a username with a randomly generated prefix. -- Anonymized server ID: SHA256 hash of a server IP with a randomly generated prefix. - -This allows Teleport Cloud and Teleport Enterprise to print a warning if users -are exceeding the usage limits of their license. The reporting library code is -[on GitHub](https://github.com/gravitational/reporting). +- Teleport license identifier; +- anonymized cluster name and Teleport auth server host ID; +- for each Teleport user, the anonymized user name and a per-protocol count of + interactions - Teleport logins, SSH and Kubernetes exec sessions, Application + access web sessions and TCP connections, SSH port forwards, Kubernetes API + requests, SFTP actions. + +The anonymization is done by passing names and IDs through HMAC-SHA-256, with a +HMAC key that's randomly generated when the Teleport cluster is initialized for +the first time and is never shared with us; this makes it infeasible for anyone +without access to the cluster to deanonymize the data we store. + +The code that aggregates and anonymizes this data can be found [in our +repository on +GitHub](https://github.com/gravitational/teleport/tree/master/lib/usagereporter/teleport/aggregating). Reach out to `sales@goteleport.com` if you have questions about the commercial editions of Teleport.