IKE Authentication Security
Updated: March 28, 2003
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
You can use Windows Server 2003 IPSec policies and IKE authentication to limit network access to trusted computers. In most scenarios, successful IKE authentication results in successful network access to a computer. IKE is not aware of the identity or the public key that is expected from the peer. Therefore, if the certificate private key or domain password for a computer were compromised, an attacker might be able to use that computer to successfully authenticate and gain access to another IPSec-protected computer or to conduct trusted man-in-the-middle attacks on IPSec communication. To ensure that IPSec provides the appropriate network access controls, carefully consider the following:
How computers are joined to an Active Directory security domain.
How trusts between domains and forests are controlled.
How computers obtain a certificate from a trusted root CA (or an issuing CA).
How PKI trust is controlled (for example, how cross certificates are handled).
How to reduce the number of trusted computers.