Aimed at the problems that the existing network situation awareness cannot acquire on-demand situation information and cannot adjust the network structure according to situational threat of network attacks dynamically, a SDN-based virtual honey-net architecture is proposed on the basis of flexible traffic control principle with the combination of good scalability and manageability of OpenDaylight controller. Through constructing a SDN-based virtual honey-net, the separation between data control layer and data transmission layer is realized. Simultaneously, traffic controlling difficulty and inconvenience of deploying or dynamically adjusting physical machines are solved compared to traditional honey-nets. At last, the paper utilizes Mininet platform for building SDN virtual honey-net. The experiment results show that the SDN-based virtual honey-net can achieve on-demand access to situation information and dynamic adjustment of network structure etc., thus reducing the network attack threat.