<Li> Intrusion prevention systems (IPS) </Li> <Li> User identity management integration (by binding user IDs to IP or MAC addresses for "reputation") </Li> <Li> Web application firewall (WAF). WAF attacks may be implemented in the tool "WAF Fingerprinting utilizing timing side channels" (WAFFle) </Li> <P> Firewalls are generally categorized as network - based or host - based . Network - based firewalls are positioned on the gateway computers of LANs, WANs and intranets . They are either software appliances running on general - purpose hardware, or hardware - based firewall computer appliances . Firewall appliances may also offer other functionality to the internal network they protect, such as acting as a DHCP or VPN server for that network . Host - based firewalls are positioned on the network node itself and control network traffic in and out of those machines. . The host - based firewall may be a daemon or service as a part of the operating system or an agent application such as endpoint security or protection . Each has advantages and disadvantages . However, each has a role in layered security . </P>

What kind of security mechanism is a firewall