The article considers the problem of dynamic management of a protection system based on Honeypot technology. To solve this problem, a method is proposed to reduce the requirements for computing resources and a function for assessing the criticality and risk of compromising nodes of the functional network infrastructure, the use of which allows taking into account the peculiarities of the implementation of technological processes and the dynamics of attack development.