Web server .NET Authorization rules
We are currently going over the Microsoft IIS 10.0 Server Security Technical Implementation Guide for our FNMS servers in a DoD environment. We have an open finding with vulnerability ID V-100185, which requires no other than "Administrators" to have authorized access. Currently "All Users" have access.
My question is if we restrict this setting to only Administrators, would it cause any performance issues to the FNMS web or application server?