The embodiment of the invention discloses a
security policy configuration system and method for a virtual security gateway. The method comprises the steps that user security policies are generated according to user configuration; with
virtual network interface cards as minimum units, the user security policies of all users are split into minimum unit user security policies respectively; a
user information base is inquired for obtaining information of a
virtual machine which the
virtual network interface cards belong to, information of a physical
machine which the
virtual machine belongs to, and VSG information deployed on the physical
machine, and obtaining VSG security policies from the
user information base, wherein the information of the
virtual machine, the information of the physical
machine and the VSG information correspond to all the minimum unit user security policies respectively; with the
virtual network interface cards as the minimum units, all the VSG security policies are split into minimum unit VSG security policies; the minimum unit user security policies are utilized for updating the minimum unit VSG security policies, the updated minimum unit VSG security policies are combined with VSGs as units to generate the latest VSG security policies, and the latest VSG security policies are issued to all the VSGs. According to the
system and the method, the VSG security policies of a
Hypervisor mode can be configured from user dimensionality.