In the process of installing/configuring the 1IM Web Portal (using the App Server site as backend) we are in doubt about Authentication configuration for the sites hosted in IIS.
In installations guides both Anonymus Authentication and Windows Authentication are mentioned as valid options but in video tutorials Anonymus Authentication is not recomended for use in Productive enviroment,
We would like to enforce security in the App Server site by disabling Anonymus Authentication
Web Portal site => Anonymus Authentication enabled on IIS and Employee (Role based) for login
App Server site => Anonymus Authentication disabled on IIS, Windows Authentication enabled
Is this the correct configuration ? any recomended aproach for Productive environment ?