open-consul/website/content/docs/security/index.mdx

---
layout: docs
page_title: Security - Overview
description: >-
  Security requirements and recommendations for Consul vary depending on workloads and environments. Learn how ACLs and encryption can protect access to and communication within your datacenter.
---

## Security Models

Requirements and recommendations for operating a secure Consul deployment may vary drastically depending on your
intended workloads, operating system, and environment. You can find detailed information about the various personas,
recommendations, requirements, and threats [here](/docs/security/security-models).

## ACLs

Consul provides an optional [Access Control List (ACL) system](/docs/security/acl) which can be used to control access
to data and APIs.

## Encryption

The Consul agent supports encrypting all of its network traffic. The exact method of encryption is described on the
[encryption security page](/docs/security/encryption). There are two separate encryption systems, one for gossip
traffic and one for HTTP + RPC.
website: bulk copy from serf 2014-02-08 00:41:03 +00:00			`---`
intro and api navigation converted 2020-04-07 18:55:19 +00:00			`layout: docs`
Spacing and title fixes 2022-09-16 15:28:32 +00:00			`page_title: Security - Overview`
intro and api navigation converted 2020-04-07 18:55:19 +00:00			`description: >-`
Spacing and title fixes 2022-09-16 15:28:32 +00:00			`Security requirements and recommendations for Consul vary depending on workloads and environments. Learn how ACLs and encryption can protect access to and communication within your datacenter.`
website: bulk copy from serf 2014-02-08 00:41:03 +00:00			`---`

Revamp security model documentation 2020-11-04 22:05:44 +00:00			`## Security Models`
website: bulk copy from serf 2014-02-08 00:41:03 +00:00
maintenance complete, pending markdown-page component addition 2020-12-08 23:24:36 +00:00			`Requirements and recommendations for operating a secure Consul deployment may vary drastically depending on your`
			`intended workloads, operating system, and environment. You can find detailed information about the various personas,`
Actually fix spelling of recommendations I obviously have no idea how to spell this word 2020-11-05 16:13:14 +00:00			`recommendations, requirements, and threats [here](/docs/security/security-models).`
website: bulk copy from serf 2014-02-08 00:41:03 +00:00
Revamp security model documentation 2020-11-04 22:05:44 +00:00			`## ACLs`
website: documenting the internals 2014-02-20 20:26:50 +00:00
maintenance complete, pending markdown-page component addition 2020-12-08 23:24:36 +00:00			`Consul provides an optional [Access Control List (ACL) system](/docs/security/acl) which can be used to control access`
			`to data and APIs.`
website: documenting the internals 2014-02-20 20:26:50 +00:00
Revamp security model documentation 2020-11-04 22:05:44 +00:00			`## Encryption`
website: bulk copy from serf 2014-02-08 00:41:03 +00:00
maintenance complete, pending markdown-page component addition 2020-12-08 23:24:36 +00:00			`The Consul agent supports encrypting all of its network traffic. The exact method of encryption is described on the`
			`[encryption security page](/docs/security/encryption). There are two separate encryption systems, one for gossip`
			`traffic and one for HTTP + RPC.`