MS Web Deploy + Web Deploy Remote Service, How is it secured

I'm trying to automate deploying a site to our production server after a build. The production server is hosted by some third party provider and is not on our LAN.

If I:

• Install Web Depl开发者_StackOverflow中文版oy on our build machine (source)
• Install Web Deploy on the production machine (destination)
• Install the additional Web Deploy Remote Service on the production machine

Given that the production machine is "out in the wild," how is the service secured such that only I can publish files to the production machine? Does it use windows authentication?

It uses windows authentication.

See the following KB article to see how to secure the service: http://technet.microsoft.com/en-us/library/dd569093(WS.10).aspx