Skip To Content

ArcGIS Enterprise product capabilities

ArcGIS Enterprise has many configurable options and capabilities to meet stringent security requirements. These capabilities are described in the sections below. In addition, see the Best practices section for a general list of recommended steps to consider when deploying ArcGIS Enterprise in an environment.


For related documents such as presentations about designing a Web GIS security strategy, see Documents.

Configurable security

Configure users and roles for your ArcGIS Enterprise implementation in a way that aligns with organizational policies and minimizes administrative burden. For more information, see Control access in ArcGIS Server.

  • Roles
    • Administrators—Full administrator control.
    • Publishers—Publish web services.
    • Users—View web services.
  • Identity store
    • Built-in ArcGIS Server user store (default)—Manage users and roles in built-in store.
    • Enterprise identity store (an organization's existing Active Directory or LDAP)—Leverage users and roles from an enterprise store.
    • Mixed mode—Users from the enterprise identity store and roles managed in ArcGIS Server built-in store.
  • Portal and ArcGIS Server federation
    • In a federated configuration, Portal for ArcGIS serves as a configurable front end for ArcGIS Server and is responsible for authentication of end users. Organizational logins using SAML 2.0 Web single sign-on can be leveraged in versions 10.3 and later.

Deployment options

  • On-premises
  • Cloud
    • Deploy ArcGIS Enterprise in a public or private cloud of choice and manage all associated infrastructure. Benefit from cloud scaling capabilities.
  • Cloud (Esri Managed)
    • Deploy ArcGIS Enterprise in the cloud and have your GIS as well as associated infrastructure (such as database) managed by Esri Managed Cloud Services (EMCS).
  • Esri Managed Cloud Services Advanced Plus
    • For higher-security needs, EMCS Advanced Plus is now available where ArcGIS Enterprise is deployed in the cloud. Notably, EMCS Advanced Plus has several key security benefits to align with stringent FedRAMP Moderate security standards. These benefits include a fully hardened environment, intrusion detection system (IDS), security information and event management (SIEM), vulnerability scanning, real-time network analysis for threats, performance monitoring, log management, 24/7 monitoring for threats, and a mature backup strategy.