Although the first two portions of this policy tutorial are self explanatory; Kerberos is used for advanced security with servers that encrypt data through token (ticket) exchanging. This setting is generally used in a local area network that contains a server that provides this security.
Computer Configuration\Windows Settings\Local Policies\Kerberos Policy
Enforce user logon restrictions - This setting determines whether Kerberos V5 validates every request for a session ticket
Maximum lifetime for service ticket - This setting must be greater than 10 minutes. This policy setting determines the maximum amount of time that a granted session ticket can be used to access a particular service on the server. Time is in minutes.
Maximum lifetime for user ticket - This time is measured in hours. This is the maximum lifetime of a TGT (ticket granting ticket).
Maximum lifetime for user ticket renewal - This policy is measured in days in which a ticket may be renewed.
Maximum tolerance for computer clock synchronization - Kerberos is time sensitive. This is the maximum number of minutes in the client computer and the server's computer.
Kerberos is one of many security settings that helps in the protection of data and assets in a company.