---
layout: docs
page_title: Security - Overview
description: >-
  Security requirements and recommendations for Consul vary depending on workloads and environments. Learn how ACLs and encryption can protect access to and communication within your datacenter.
---

## Security Models

Requirements and recommendations for operating a secure Consul deployment may vary drastically depending on your
intended workloads, operating system, and environment. You can find detailed information about the various personas,
recommendations, requirements, and threats [here](/docs/security/security-models).

## ACLs

Consul provides an optional [Access Control List (ACL) system](/docs/security/acl) which can be used to control access
to data and APIs.

## Encryption

The Consul agent supports encrypting all of its network traffic. The exact method of encryption is described on the
[encryption security page](/docs/security/encryption). There are two separate encryption systems, one for gossip
traffic and one for HTTP + RPC.