Community vs Enterprise
AxonFlow is available in two editions: Community for self-hosted experimentation and Enterprise for production rollouts requiring IT, security, and compliance approval.
Who this page is for
This matrix is intended for:
- Security and compliance reviews
- Platform and infrastructure architects
- Procurement and vendor evaluation
If you're evaluating AxonFlow for local development or experimentation, the Community edition covers everything needed to build and validate workflows.
How to read this table
Community is intended for single-team development and evaluation. Enterprise capabilities address organizational requirements such as identity, compliance, multi-tenancy, and procurement.
Quick Decision Guide
| You want to... | Edition |
|---|---|
| Prototype AI governance locally | Community |
| Validate policies before production | Community |
| Test PII detection patterns (Aadhaar, PAN, SSN) | Community |
| Test Singapore PII detection (NRIC, FIN, UEN) | Community |
| Roll out to real users with IT approval | Enterprise |
| Meet regulatory requirements (EU AI Act, SEBI, MAS FEAT, EBA ML) | Enterprise |
| Prove compliance to regulators with audit exports | Enterprise |
| Centralize identity management (SSO, SCIM) | Enterprise |
Why Teams Upgrade to Enterprise
Enterprise isn't about more features — it's about what IT, security, and compliance require before approving production deployment.
Identity & Organization Controls
| Requirement | Why It Matters |
|---|---|
| SSO + SAML | IT won't approve systems that bypass corporate identity |
| SCIM user provisioning | Automated onboarding/offboarding through your IdP |
| SCIM group-to-role sync | Permissions follow your org structure automatically |
| Multi-tenant isolation | Required when multiple teams share infrastructure |
Compliance & Risk
| Requirement | Why It Matters |
|---|---|
| EU AI Act conformity workflows | High-risk AI systems require documented conformity assessments |
| 10-year audit retention | EU AI Act mandates long-term traceability |
| SEBI/RBI compliance exports | Indian financial regulators require specific formats |
| 5-year audit retention | SEBI mandate for financial AI systems |
| MAS FEAT AI System Registry | Singapore FIs must register AI systems with risk ratings |
| MAS FEAT assessment workflows | Fairness, Ethics, Accountability, Transparency assessments |
| EBA ML Model Registry | EU banks must track ML models with IRB classification |
| EBA Model validation workflows | CRR requires documented validation for credit risk models |
| Human-in-the-Loop (HITL) queue | Regulators require human review for high-stakes decisions |
| Emergency circuit breaker | RBI FREE-AI Framework requires immediate shutdown capability |
Platform & Operations
| Requirement | Why It Matters |
|---|---|
| One-click CloudFormation | Production-grade AWS deployment without DevOps overhead |
| Usage analytics | Cost attribution across teams and projects |
| Customer Portal UI | Runtime management without code changes |
| Priority support + SLA | Required for business-critical systems |
Full Feature Matrix
This detailed breakdown is organized into 6 logical groups for easier navigation.
1. Governance & Security
Core policy enforcement, threat detection, and code governance capabilities.
| Feature | Community | Enterprise |
|---|---|---|
| Policy Enforcement | ||
| Policy enforcement engine | ✅ | ✅ |
| Sub-10ms inline governance1 | ✅ | ✅ |
| Static Policy API (list, get, CRUD) | ✅ | ✅ |
| Dynamic policy CRUD API | ✅ | ✅ |
| Pattern testing API | ✅ | ✅ |
| Threat Detection | ||
| PII detection (SSN, credit cards, PAN, Aadhaar) | ✅ | ✅ |
| SQLi response scanning (basic) | ✅ | ✅ |
| Advanced SQLi detection (ML-assisted) | ❌ | ✅ |
| Code Governance | ||
| Code artifact detection in LLM responses | ✅ | ✅ |
| Language detection (14 languages) | ✅ | ✅ |
| Code type categorization | ✅ | ✅ |
| Secret pattern detection | ✅ | ✅ |
| Unsafe code pattern detection | ✅ | ✅ |
| Git provider integration (GitHub, GitLab, Bitbucket) | ❌ | ✅ |
| PR creation from LLM-generated code | ❌ | ✅ |
| Code governance dashboard | ❌ | ✅ |
| Identity & Access | ||
| SSO/SAML integration | ❌ | ✅ |
| SCIM 2.0 user provisioning | ❌ | ✅ |
| SCIM group sync & role mapping | ❌ | ✅ |
2. Audit & Compliance
Audit logging, regulatory compliance, and retention capabilities.
| Feature | Community | Enterprise |
|---|---|---|
| Audit Logging | ||
| Audit logging (LLM calls) | ✅ | ✅ |
| MCP query audit logging | ✅ | ✅ |
| Audit logging for code artifacts | ✅ | ✅ |
| Decision chain tracing | ✅ | ✅ |
| Transparency headers (X-AI-*) | ✅ | ✅ |
| EU AI Act Compliance | ||
| Conformity assessment workflow | ❌ | ✅ |
| Human-in-the-Loop (HITL) queue | ❌ | ✅ |
| Emergency circuit breaker | ❌ | ✅ |
| Accuracy metrics & bias detection | ❌ | ✅ |
| 10-year audit retention | ❌ | ✅ |
| EU AI Act export format | ❌ | ✅ |
| India Compliance (SEBI/RBI) | ||
| India PII detection (Aadhaar, PAN, UPI) | ✅ Pattern-based | ✅ With checksum |
| SEBI AI/ML Guidelines - basic detection | ✅ | ✅ |
| SEBI compliance module (export, 5-year retention) | ❌ | ✅ |
| RBI FREE-AI Framework (kill switch, board reports) | ❌ | ✅ |
| Compliance dashboard | ❌ | ✅ |
| Singapore Compliance (MAS FEAT) | ||
| Singapore PII detection (NRIC, FIN, UEN, Phone, Postal) | ✅ Pattern-based | ✅ With checksum |
| FEAT policy templates (credit, trading, insurance) | ❌ | ✅ Full library |
| AI System Registry with runtime enforcement | ❌ | ✅ |
| FEAT assessment workflows (4 pillars) | ❌ | ✅ |
| Kill switch (runtime enforcement) | ❌ | ✅ |
| Bias monitoring with threshold alerts | ❌ | ✅ |
| MAS-compliant export format | ❌ | ✅ |
| 7-year audit retention | ❌ | ✅ |
| EU Banking Compliance (EBA ML Guidelines) | ||
| EU Banking PII detection (IBAN, BIC, VAT) | ❌ | ✅ With MOD-97 |
| EBA ML policy templates (explainability, IRB) | ❌ | ✅ Full library |
| Model Registry with runtime enforcement | ❌ | ✅ |
| Model validation workflows | ❌ | ✅ |
| Explainability logging (Shapley values) | ❌ | ✅ |
| Model change management (CA approval) | ❌ | ✅ |
| EBA-compliant export format | ❌ | ✅ |
3. Policy Management
Policy hierarchy, versioning, and configuration capabilities.
| Feature | Community | Enterprise |
|---|---|---|
| 63 System policies (SQLi, PII, compliance) | ✅ View | ✅ View + Override |
| Tenant-tier policies | ✅ 30 limit | ✅ Unlimited |
| Organization-tier policies | ❌ | ✅ Full CRUD |
| System policy overrides (block→warn→log) | ❌ | ✅ |
| Policy version history | ✅ Last 5 | ✅ Full audit trail |
require_approval action | ✅ Auto-approves | ✅ Full HITL queue |
| Policy templates library | Basic | Full (EU AI Act, HIPAA, PCI-DSS, SEBI, RBI, MAS FEAT, EBA ML) |
| Customer Portal Policy UI | ❌ | ✅ |
4. LLM Providers & Routing
LLM provider support, routing strategies, and cost management.
| Feature | Community | Enterprise |
|---|---|---|
| Providers | ||
| OpenAI | ✅ | ✅ |
| Azure OpenAI | ✅ | ✅ |
| Anthropic (Claude) | ✅ | ✅ |
| Google Gemini | ✅ | ✅ |
| Ollama | ✅ | ✅ |
| AWS Bedrock | ❌ | ✅ |
| Routing | ||
| Multi-provider failover | ✅ | ✅ |
| Weighted routing strategy | ✅ | ✅ |
| Round-robin routing | ✅ | ✅ |
| Failover-only strategy | ✅ | ✅ |
| Health-based selection | ✅ | ✅ |
| Cost-optimized routing | ❌ | ✅ |
| Runtime weight updates | ❌ | ✅ |
| Customer Portal provider UI | ❌ | ✅ |
| Cost Management | ||
| Usage tracking (tokens, cost) | ✅ | ✅ |
| Budget limits (org, team, agent, workflow) | ✅ | ✅ |
| Budget alerts and thresholds | ✅ | ✅ |
| Pre-flight budget check | ✅ | ✅ |
| Usage breakdown by dimension | ✅ | ✅ |
| Usage forecast | ❌ | ✅ |
| Usage export (billing integration) | ❌ | ✅ |
| Alert channels (Slack, email, webhook) | ❌ | ✅ |
| Auto-downgrade to cheaper models | ❌ | ✅ |
| Budget rollover | ❌ | ✅ |
| Cost dashboard | ❌ | ✅ |
5. MCP Connectors & Data Access
MCP connector availability and policy enforcement for data access.
| Feature | Community | Enterprise |
|---|---|---|
| Available Connectors | ||
| PostgreSQL, MySQL, MongoDB | ✅ | ✅ |
| Redis, HTTP/REST, Cassandra | ✅ | ✅ |
| S3, Azure Blob, GCS | ✅ | ✅ |
| Amadeus (Travel API) | ❌ | ✅ |
| Salesforce | ❌ | ✅ |
| Slack | ❌ | ✅ |
| Snowflake | ❌ | ✅ |
| HubSpot | ❌ | ✅ |
| Jira | ❌ | ✅ |
| ServiceNow | ❌ | ✅ |
| Customer Portal Connector UI | ❌ | ✅ |
| MCP Policy Enforcement | ||
| SQL injection blocking (REQUEST phase) | ✅ | ✅ |
| PII redaction (RESPONSE phase) | ✅ | ✅ |
| Exfiltration detection (row/volume limits) | ✅ | ✅ |
| MCP query audit logging | ✅ | ✅ |
| Tenant policy evaluation | ✅ | ✅ |
| Rate limiting | ✅ | ✅ |
| Budget controls | ✅ | ✅ |
| Connector configurations | 2 | Unlimited |
| Time-window aggregation (exfiltration) | ❌ | ✅ |
| ML-based anomaly detection | ❌ | ✅ |
| Per-tenant limit overrides | ❌ | ✅ |
| Cross-tenant policy inheritance | ❌ | ✅ |
| Custom policy scripting | ❌ | ✅ |
6. Platform & Operations
Deployment, multi-agent planning, workflow control plane, and operational capabilities.
| Feature | Community | Enterprise |
|---|---|---|
| Deployment | ||
| Docker Compose (local) | ✅ | ✅ |
| AWS ECS/Fargate | Manual | One-click CloudFormation |
| Multi-tenant isolation | ❌ | ✅ |
| Multi-Agent Planning (MAP) | ||
| YAML agent configuration | ✅ | ✅ |
| Parallel task execution | ✅ | ✅ |
| Conditional logic & branching | ✅ | ✅ |
| Agent registry with hot reload | ✅ | ✅ |
| REST API (list, get, validate) | ✅ | ✅ |
| Decision & Execution Replay API | ✅ | ✅ |
| REST API (CRUD, versions, sandbox) | ❌ | ✅ |
| Database-backed agent storage | ❌ | ✅ |
| Execution analytics dashboard | ❌ | ✅ |
| Compliance export (PDF/CSV) | ❌ | ✅ |
| Workflow Control Plane | ||
| Workflow registration (LangChain, LangGraph, CrewAI) | ✅ | ✅ |
| Step gates (allow/block) | ✅ | ✅ |
| Policy evaluation at step level | ✅ | ✅ |
| SDK support (Go, Python, TypeScript, Java) | ✅ | ✅ |
| LangGraph Python adapter | ✅ | ✅ |
require_approval action | ✅ Returns decision | ✅ Routes to Portal HITL |
| Org-level workflow policies | ❌ | ✅ |
| Cross-workflow analytics | ❌ | ✅ |
| Step budgets/rate limits | ❌ | ✅ |
| Support & Commercial | ||
| Community support (GitHub Issues) | ✅ | ✅ |
| Priority support & SLA | ❌ | ✅ |
| Customer dashboard UI | ❌ | ✅ |
| Usage analytics & reporting | ❌ | ✅ |
| AWS Marketplace integration | ❌ | ✅ |
When to Use Each Edition
Community Edition
Best for:
- Evaluation and POCs — Try AxonFlow locally before committing
- Development environments — Build and test with the same platform you'll use in production
- Small-scale deployments — Single teams with basic governance needs
- Learning — Understand how AI governance works hands-on
Get started:
git clone https://github.com/getaxonflow/axonflow.git
cd axonflow
docker compose up -d
Enterprise Edition
Required when:
- Regulated industries — Healthcare (HIPAA), Finance (PCI-DSS, SEBI), EU (AI Act)
- Production workloads — High availability, auto-scaling, monitoring
- IT approval needed — SSO, SCIM, audit requirements
- Complex integrations — Amadeus, Salesforce, Slack, Snowflake, HubSpot, Jira, ServiceNow
Get Enterprise:
- AWS Marketplace: One-click deployment
- Contact Sales: [email protected]
Upgrading from Community to Enterprise
The upgrade path is seamless:
- Same codebase — Enterprise builds on Community, so your policies and configurations carry over
- Same APIs — SDKs work identically with both editions
- No migration needed — Just add your license key and enterprise features are enabled
Enterprise customers receive upgrade-safe guarantees. Community deployments that modify enforcement logic are unsupported and may diverge from compliance semantics over time.
// Community
const axonflow = new AxonFlow({
endpoint: 'http://localhost:8080'
});
// Enterprise - just add license key
const axonflow = new AxonFlow({
endpoint: 'https://your-agent.aws.com',
licenseKey: process.env.AXONFLOW_LICENSE_KEY
});
Example Demos
| Demo | Edition | Features Used |
|---|---|---|
| Getting Started | Community | PostgreSQL, OpenAI |
| Healthcare Example | Enterprise | Bedrock, HIPAA policies |
| Trip Planner | Enterprise | Amadeus, Bedrock, MAP |
| E-commerce | Enterprise | Salesforce, PII detection |