We have the enahnced setup configured on our network, with the Proxy VM in the DMZ and the Hub VM in the internal network.
We do security scan on our network and noticed that the Welcome Page of the default website (where EMM installs) appears when you browse via public IP or friendly name.
I am wondering how we can get around and disable this, so nothing is displayed.
Help is appreciated.
I still have not tried your suggestion...
reply from McAfee support:
"...I checked that DefaultAppPool should not be stopped...."
"....delete iisstart.htm or remove it from the list of acceptable default Web pages in the Default Website. Also it is related to IIS and beyond the scope of our product ..."
I had already renamed iisstart.htm and it displays a 404 access denied; however from a hackers' point of view they still will know that a webserver is running on that IP/name. Furthermore after renaming the iisstart.htm file log files of over 4Gb in size have been created on W3SVC1 folder.
Well you need https available from the outside for everything to work properly so you can't disable that but as for blocking the insecure http page, is it not acceptable to leave everything at the defaults and block port 80 on the firewall from the internet and internal zones?