memgraph · matea16 · Jul 21, 2025 · Jul 18, 2025
@@ -7,25 +7,14 @@ description: Learn how to enable Memgraph Enterprise and leverage its advanced c
 
 The following Memgraph features are only available in Enterprise Edition:
 
-- [Audit log](/database-management/logs#audit-log-enterprise)
-- [Auth system integrations](/database-management/authentication-and-authorization/auth-system-integrations) and [Single Sign-On (SSO)](/database-management/authentication-and-authorization/auth-system-integrations#single-sign-on)
-- [CRON snapshot scheduling](/fundamentals/data-durability#periodic-snapshots)
-- [Hiding sensitive information](/database-management/logs#hiding-passwords-enterprise)
-- [SAML integration](/database-management/authentication-and-authorization/auth-system-integrations#saml)
-- [OIDC integration](/database-management/authentication-and-authorization/auth-system-integrations#openid-connect-oidc)
-- [LDAP integration](/database-management/authentication-and-authorization/auth-system-integrations#ldap)
-- [Monitoring via HTTP server](/database-management/monitoring#metrics-tracking-via-http-server-enterprise-edition)
-- [Multi-tenancy](/database-management/multi-tenancy)
-- [Role-based access control](/database-management/authentication-and-authorization/role-based-access-control)
-- [Label-based access control](/database-management/authentication-and-authorization/role-based-access-control#label-based-access-control)
-- [Impersonate user](/database-management/authentication-and-authorization/impersonate-user)
-- [High availability](/clustering/high-availability) and [automatic failover](/clustering/high-availability#failover)
-- [Time to live](/querying/time-to-live)
-- [Query sharing](/data-visualization/user-manual/query-sharing) in Memgraph Lab
-- [Graph Style Script sharing](/data-visualization/user-manual/graph-style-script-sharing) in Memgraph Lab
-- [Dynamic graph algorithms](/advanced-algorithms/available-algorithms#dynamic-graph-algorithms-enterprise)
-
-They are present in the same binary but protected by a license key.
+| **Category** | **Features** |
+|---------------|-------------|
+| **Security** | [Role-based access control (RBAC)](#role-based-access-control) <br /> [Label-based access control (LBAC)](#role-based-access-control) <br /> [Auth system integrations](#authentication-system-integrations) (LDAP, SAML, OIDC) <br /> [Impersonate user](#impersonate-user) <br /> [Hiding sensitive information](#hiding-sensitive-information) |
+| **Logging & monitoring** | [Audit log](#audit-log) <br /> [Metrics tracking via HTTP server](#metrics-tracking-via-http-server) (Prometheus integration) |
+| **Database management** | [High availability](#high-availability) with automatic failover <br /> [Multi-tenancy](#multi-tenancy) <br /> [CRON snapshot scheduling](#cron-snapshot-scheduling) |
+| **Querying** | [Dynamic graph algorithms](#dynamic-graph-algorithms) <br /> [Time-to-live (TTL)](#time-to-live-ttl) for data expiration |
+| **Memgraph Lab features** | [Real-time performance monitoring](#monitoring) <br /> [Query sharing](#sharing-features) <br /> [Graph Style Script (GSS) sharing](#sharing-features) <br /> [Single Sign-On (SSO)](#single-sign-on) support (OIDC, SAML) |
+
 
 If you're interested in the Memgraph Enterprise Trial, you need to fill out the
 following [form](https://memgraph.com/enterprise-trial) where one of the fields
@@ -90,3 +79,154 @@ Once the license key expires, the enterprise features will be disabled, but the
 data stored in the database will remain intact. You will still be able to add
 more data, but any enterprise features that require specific actions will no
 longer function. For example, you will not be able to create any new databases.
+
+## Security features
+
+### Role-based access control
+
+Most databases used in production have multiple users accessing and modifying
+data within the database, which might pose a serious security concern for system
+administrators wishing to grant only certain privileges to specific users. With
+[role-based access
+controls](/database-management/authentication-and-authorization/role-based-access-control#user-roles-enterprise-feature),
+a set of users can have different [privilege
+levels](/database-management/authentication-and-authorization/role-based-access-control#privileges-enterprise-feature).
+For even more control, Memgraph has added [label-based access control
+(LBAC)](/database-management/authentication-and-authorization/role-based-access-control#label-based-access-control)
+as a more fine-grained access control to enable authorization on node labels and
+relationship edge types. By applying authorization to graph’s first class
+citizens, a database administrator can now keep all the data in one database
+while keeping any private data secure from those who don’t have adequate
+permission.
+
+### Authentication system integrations
+
+Memgraph supports authentication and authorization using external auth modules.
+It includes built-in support for basic (username and password) authentication
+via
+[LDAP](/database-management/authentication-and-authorization/auth-system-integrations#ldap),
+as well as [single sign-on over the SAML and OIDC
+protocols](/database-management/authentication-and-authorization/auth-system-integrations#single-sign-on).
+
+### Impersonate user
+The [impersonate
+user](/database-management/authentication-and-authorization/impersonate-user)
+feature lets authorized users run queries on behalf of another user. When using
+impersonation, the permitted user adopts the full permissions and context of the
+impersonated user. This means they can execute queries and perform actions
+exactly as the impersonated user, with all associated privileges. This feature
+provides a powerful tool for managing user permissions, debugging, and
+performing administrative tasks. By leveraging the ability to impersonate other
+users, you can ensure more efficient management of users and roles while
+maintaining robust security and access control within your graph database.
+
+### Hiding sensitive information
+
+To enhance security, it’s crucial to ensure that sensitive information is not
+logged. With Memgraph Enterprise, users can [mask
+passwords](/database-management/logs#hiding-passwords-enterprise) - all
+passwords are replaced with **** to prevent their exposure in the logs. This
+approach ensures that even if logs are accessed by unauthorized individuals,
+they won’t be able to retrieve the actual passwords.
+
+## Logging and monitoring 
+
+### Audit log
+
+Memgraph supports all query [audit
+logging](/database-management/logs#audit-log-enterprise). When enabled, the
+audit log contains **records of all queries executed on the database**. Each
+executed query is one entry (one line) in the audit log. The audit log itself is
+a CSV file. By default, the log is rotated every day and a full year of entries
+is preserved.
+
+### Metrics tracking via HTTP server
+
+In production systems, monitoring of applications is crucial, and that includes
+databases as well. Memgraph allows [tracking information about
+transactions](/database-management/monitoring#metrics-tracking-via-http-server-enterprise-edition),
+query latencies, snapshot recovery latencies, triggers, bolt messages, indexes,
+streams, and many more using an HTTP server. That means you can [integrate
+Memgraph with
+Prometheus](https://memgraph.com/blog/use-prometheus-monitoring-memgraph-performance-metrics),
+a time-series database that enables other databases and applications to monitor
+and react to performance changes in the system just in time.
+
+## Database management 
+
+### High availability
+
+[High availability](/clustering/high-availability) is a critical component for
+maintaining a resilient database system. Especially for enterprises that require
+uninterrupted data access and reliability. Memgraph’s Enterprise edition is the
+ideal solution for those who need a worry-free, highly available system with
+[automatic failover](/clustering/high-availability#failover). Built-in automatic
+failover ensures your system remains operational with minimal downtime and
+manual intervention.
+
+### Multi-tenancy
+
+[Multi-tenant support](/database-management/multi-tenancy) enables you to manage
+multiple isolated databases within a single instance. That is especially useful
+if you prefer having multiple clients in one database. Those isolated databases
+within Memgraph function as distinct single-database Memgraph instances. That
+means that queries executed on a specific database should operate as if it were
+the sole database in the system, preventing cross-database contamination.
+
+### CRON snapshot scheduling
+
+Memgraph supports [periodic snapshot
+creation](/fundamentals/data-durability#periodic-snapshots) in defined
+intervals. With Memgraph Enterprise, users can define these intervals as
+[CRON](https://crontab.guru/) expressions.
+
+## Querying 
+
+### Dynamic graph algorithms
+
+[Dynamic graph
+algorithms](/advanced-algorithms/available-algorithms#dynamic-graph-algorithms-enterprise)
+allow you to perform **real-time, scalable computations on changing data**.
+These algorithms have been specifically developed to handle high-speed updates
+and large-scale graph changes without needing to restart the computation
+process.
+
+Here’s a breakdown to help you compare the Community and Enterprise offering in
+terms of graph algorithms:
+
+| Feature        | Static algorithms (Community)                          | Dynamic algorithms (Enterprise)                   |
+|----------------|--------------------------------------------------------|---------------------------------------------------|
+| **Performance** | High-performing at scale                               | Real-time performance at scale                    |
+| **Handling graph updates** | Requires recomputation                          | Updates in real-time without recomputation        |
+| **Use case**   | Great for batch or periodic processing                  | Ideal for real-time applications                  |
+| **Licensing**  | Free (Community version)                                | Part of Enterprise version                        |
+
+
+### Time to live (TTL)
+
+[Time-to-live](/querying/time-to-live) allows a user to tag vertices with an
+expiration time. Once a vertex has expired, the vertex and all associated edges
+will be deleted.
+
+## Memgraph Lab Enterprise features 
+
+### Monitoring
+
+[Monitoring](/memgraph-lab/features/monitoring) feature tracks resource usage,
+database size, query activity, transaction flow and active sessions, providing
+real-time insights into database performance.
+
+### Sharing features
+
+[Query sharing](/memgraph-lab/features/sharing-features#query-sharing) allows
+users to share selected queries from the query execution or previously run
+queries from the history. [Graph Style Script (GSS)
+sharing](/memgraph-lab/features/sharing-features#graph-style-script-sharing)
+allows users to share styling scripts among team members.
+
+### Single sign-on
+
+[Single sign-on (SSO)](/memgraph-lab/features/single-sign-on) provides
+authorization and authentification to your database. It supports two types of
+SSO methods - OpenID Connect (OIDC + OAuth 2.0) and SAML- and two identity
+providers - Microsoft Azure (Entra ID) and Okta.