A method and apparatus for evaluating the security of a subscriber network are provided. In the method and apparatus for evaluating the security of a subscriber network, pieces of information regarding a plurality of security functions provided by each of a plurality of network security devices connected to a network are collected, and the security functions are classified according to their types, purposes of use, and priority levels. Scores are given to the security functions using weights with reference to the classification results, and a security level for the network is determined by summing the scores of the security functions. Therefore, it is possible to objectively evaluate how secure a network is against cyber attacks launched internally or externally upon the network. In addition, it is possible to evaluate security functions provided by network security devices in a network in advance and enhance the performance of the security functions based on the evaluation results.