VS2008, ASP.NET, C#, .mdb, data files.

I know that using web.config you can create users and roles and then protect folders.

My question is, how should you structure the folder and pages to take advantage of the security when you are creating a forum?

A new folder and users assigned to it with the pages for that forum inside?

Another way of asking this is, what does each forum need if you want to only allow a logged in user to see what they are authorized to see?

Does each forum need a folder dedicated to it so that you can lock it out except for users with authorization?