It is possible to define security policy to: Restrict users to authentication mechanisms Enforce Quality of Protection (QoP) standards with network encryption