Virtual honeynet based on operating system level virtualization

Thesis

Author: doc. RNDr. JUDr. Pavol Sokol, PhD.
Supervisor: doc. RNDr. Csaba Török, CSc.
Consultant: doc. RNDr. Jozef Jirásek, PhD.

Abstract

Conventional security tools, methods and techniques that have been used for several years are becoming less effective against new security threats. Therefore, it is necessary to focus on other tools and techniques. In this respect, honeypots and honeynets represent a relatively new approach to fighting security threats. In this thesis we focus on virtual honeynets based on operating system level virtualization. In this type of virtualization the kernel of an operating system allows multiple isolated user-space instances. To deploy a virtual honeynet successfully, its architecture must be deployed correctly. There are some core elements of the virtual honeynet architecture: data capture, data control, data collection and data analysis. This thesis proposes a virtual honeynet based on operating system level virtualization and discusses related technical and legal aspects. In the thesis we propose new definitions of attacks against low-level interaction and high-level interaction server honeypots. We have also proposed decision algorithms for data flow in virtual honeynets based on operating system level virtualization. In this thesis we discuss civil and criminal liability and propose data control based on legal analysis. The thesis also outlines an incident taxonomy based on data collected from honeypots and honeynets. We also focus on time-oriented data and provide lessons learned from these data. Based on the technical and legal requirements for honeynets' deployment and usage and the concept of operating system level virtualization, we propose the virtual honeynet. We have designed and implemented our own file system, software sensors (e.g. process sensor, memory sensor etc.) and hardware sensors (e.g. temperature sensor, sound sensor etc.). Subsequently we propose modular data control. This data control is based on decision modules and a decision algorithm. We also propose data collection and data analysis, which correlate different events from different types of honeypots in the honeynet.

Objectives

Not yet published

Literature

Not yet published

Progress of the work

Not yet published