Kerberos is a computer network authentication protocol that works on the basis of 'tickets' to allow endpoints communicating over a non-secure network to prove their identity to one another in a secure manner.
When users request Internet content, they are prompted to enter their network credentials. Kerberos authentication uses a Kerberos server as a central secure password store. Therefore, the benefit of using Kerberos is that it provides a higher degree of security. After the user's credentials are authenticated with a Kerberos Server, a special encrypted "ticket" certified by the Kerberos server is used to access TMWS and the Internet.
When user authentication is enabled in either captive portal mode or transparent authentication mode, you can take advantage of the automatic authentication feature provided in the Internet Explorer web browser. With automatic authentication, users already logged on to the domain network can access the local Intranet without having to enter the logon credentials, that is, no password screen displays.
When users are configured with Kerberos authentication, non-browser applications that do not support Kerberos authentication on their client devices will fail.