--- layout: docs page_title: Security Models sidebar_title: Security Models description: >- Overview and links to various Consul security models. --- ## Overview Requirements and recomendations for operating a secure Consul deployment may vary drastically depending on your intended workloads, operating system, and environment. Consul is not secure by default, but can be configured to satisfy the security requirements for a wide-range of use cases from local developer environments without any configuration to container orchestrators in-production with ACL authorization, and mTLS authentication. ### Core The core Consul product provides several options for enabling encryption, authentication, and authorization controls for a cluster. You can read more about the various personas, recomendations, requirements, and threats [here](/docs/security/security-models/core). ### NIA [Network Infrastructure Automation](/docs/nia) (NIA) enables dynamic updates to network infrastructure devices triggered by service changes. Both the core Consul product's configuration and the configuration for the `consul-terraform-sync` daemon used by NIA can affect the security of your deploymnet. You can read more about the various personas, recomendations, requirements, and threats [here](/docs/security/security-models/nia).