A more secure alternative to the default setup of Faculty Access for the Web is not to use anonymous access. You disable anonymous access to the Faculty Access for the Web Virtual Directory in the Internet Service Manager and enable only integrated Windows authentication.
You must create or add Windows 2008 user accounts (local or domain) on the web server for each Faculty Access for the Web user. You add these accounts so they are granted all necessary directory permissions. Users must log into the network with a Windows account before they can log into Faculty Access for the Web.