# Security management The Weka system is a secured environment. It deploys a combination of security controls to ensure secured communication and secured user data. The security controls include the following: * **HTTPS access:** To access the Weka GUI, you connect only to one of the system servers using HTTPS through port 14000. * **Authentication tokens:** The authentication tokens are used for accessing the Weka system API and to allow the mounting of secure filesystems. * **KMS:** When creating an encrypted filesystem, a KMS must be used to properly secure the encryption keys. The KMS encrypts and decrypts filesystem keys. * **TLS certificates:** By default, the system deploys a self-signed certificate to access the GUI, CLI, and API through HTTPS. You can deploy your certificate by providing an unencrypted private key and certificate PEM files. * **CA certificates:** The system uses well-known CA certificates to establish trust with external services. For example, when using a KMS. * **Account lockout:** To prevent brute force attacks, if several login attempts fail (default: 5), the user account is locked for several minutes (default: 2 minutes). * **Login banner:** The login banner provides a security statement or a legal message displayed on the sign-in page. * **GUI session automatic termination:** The user is signed out after 30 minutes of inactivity. **Related topics** [Obtain authentication tokens](/4.0/usage/security/obtain-authentication-tokens.md) [KMS management](/4.0/usage/security/kms-management.md) [TLS certificate management](/4.0/usage/security/tls-certificate-management.md) [CA certificate management](/4.0/usage/security/ca-certificate-management.md) [Account lockout threshold policy management](/4.0/usage/security/account-lockout-threshold-policy-management.md) [Organizations management](/4.0/usage/organizations.md)\ (security topics related to mounting and separation of organizations) [User management](/4.0/usage/user-management.md)\ (authentication of different user roles and AD/LDAP) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.weka.io/4.0/usage/security.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.