ISM Security Measures

Microsoft Internet Information Server provides a Microsoft Management Console (MMC) snap-in called the Microsoft Internet Service Manager (ISM). You can use ISM to restrict access to files and folders.

For example, you will want to restrict access to the administrative functions of the CML application. To use ISM to check the security settings for the CML application's Admin folder (which contains the ASP files that provide administrative functionality), use this procedure:

To restrict access to the Admin folder using ISM

1. Start the Internet Service Manager. Do this by clicking Start, pointing to Programs, and clicking Windows NT 4.0 Option Pack. Then, click Microsoft Internet Information Server, and then Internet Service Manager (ISM).
2. Expand the <Server Name> folder and the Default Web Site folder. Right-click the Admin folder under FmLib. Click Properties to display the Admin Properties dialog box.
3. Click the Directory Security tab. You will see the following dialog box.

   

4. Click Edit for Anonymous Access and Authentication Control.
5. In the new dialog box clear Allow Anonymous Access. Leave the Windows NT Challenge/Response option selected.
6. Click OK to close the Authentication Methods dialog box.
7. Click OK to close the Admin Properties dialog box.