Security policy feasibility assessment is to evaluate the ability of the implemented policy to resist threats, fix system vulnerabilities, etc., whether it is in the user’s acceptable range, and also a measure of security and cost balance. There has been outstanding progress in the current research on automated security policies, and the implementation and application of various security policies are progressing well, but we should pay more attention to security policy effectiveness, which better reflects the risks and the scope and degree of risks accepted by the existing system. However, in many security policy evaluations, there is basically no comprehensive evaluation of existing security policies, and more often the existing vulnerabilities and the degree of risk after being threatened are presented, without quantitative and qualitative feasibility assessment. Based on the existing security policy evaluation methods, a method for assessing the feasibility of automated security protection policies is introduced.