Mobile Agent technology provides a new means for network management, but it also brings some insecurity factors at the same time. Based on the analysis of the security threats and the corresponding measures that may occur during the policy and mobile agent based network management applications, the MASF (mobile Agent security facility) for network management is presented. MASF supports a wide span of security mechanisms such as storage protection, confidentiality, authentication, integrity, authorization and security log, all these mechanisms are seamlessly integrated to secure the network management. Based on MASF, a practical network management application, inter-domain virtual private network configuration, is developed. Verified by the application, MASF can satisfy with most security requirement of network management.