The paper expounds on the design and implementation of active protection system based on network security situation awareness from four parts of Application Firewall (AF), Access Control (AC), Endpoint Detection and Response (EDR), and Security Information Perception (SIP), introduces the application effects of system, points out that the system provides all-round protection from aspects of hospital network boundary, internal network, endpoint, etc., which greatly improves the timeliness and accuracy of responding to threats.