Patent attributes
A method and an apparatus are provided for deploying a security access control policy in the field of network security. The method, executed by a cloud management platform, includes: determining, according to an application creation instruction, an application template used for an application that needs to be created and a security profile corresponding to the application template; instructing a virtualization platform to create, according to the application template, a corresponding virtual machine for each application component in the application, and obtaining an IP address of each virtual machine created by the virtualization platform; generating a group of security access control policies corresponding to the application according to the IP address of each virtual machine and by using the security profile; and delivering the group of security access control policies to a corresponding firewall. Therefore, a security access control policy is automatically deployed.