our web application employs Forms Authentication because anonymous users view its web pages over the internet. the application also contains a bunch of web service methods that are purely used by an internal tech support application.

I cannot seperate my web service methods into a different application because they query the data cache of the main app so need to be integral to it.

although the application as a whole uses Forms Authentication, i would like to restrict access to these web service methods to just the internal Tech Support Team/application on the local network so they are not exposed to the general public. is this possible?