Skip to main content

Security Feature Tiering

Zen Mesh security features are tiered by plan. This page defines which features are available at each tier for V1 and the V1.1 roadmap.

V1 — Plan Tiering

IP Allowlist / Block

PlanIP Allowlist/Block
FreeNot included. Upgrade CTA shown.
ProIP allowlist/block included.
BusinessIP allowlist/block included.
EnterpriseIP allowlist/block included.

IP allowlist/block is surfaced under Endpoint/Webhook Security in the UI. Free plan users see an upgrade prompt when accessing this feature.

What IP Allowlist/Block Does

Restricts which source networks can deliver webhooks to Zen Mesh ingesters. Reduces attack surface by deny-by-default enforcement on source IP.

V1.1 — Planned Features

HTTP Header Management

PlanHeader Filtering/Block/Transform
FreeNot included.
ProNot included.
BusinessHeader filtering/blocking/transform management planned.
EnterpriseHeader filtering/blocking/transform management planned.

Header management is aligned with the V1.1 release and the Business plan launch. It is not a V1 blocker. Do not claim header management is available in V1 unless implementation is complete and product explicitly approves the claim.

Dedicated IP

PlanDedicated IP
FreeNot included.
ProNot included.
BusinessDedicated IP add-on (planned).
EnterpriseAdvanced/dedicated controls (planned).

Dedicated IP remains Business+ / Enterprise. Do not claim availability unless implementation is complete.

Summary Table

FeatureFreeProBusinessEnterpriseVersion
HMAC signature verificationV1
IP allowlist/blockV1
TLS/mTLS transportV1
Integrity evidenceV1
Header filtering/block/transformPlannedPlannedV1.1
Dedicated receive IPPlannedPlannedV1.1+