A network intrusion detection system is usually placed at strategic points in a network so that it can monitor the traffic travelling to or from the devices on that network. When choosing such a system, you should compare the main types of network intrusion detection system. There are mainly two types. One is the signature-based system and the other is the anomaly-based system. A signature-based intrusion detection system is tuned towards a particular vulnerability, so it produces fewer false positives (FP), whereas an anomaly-based system searches for activity that falls outside the established norm, which leads to a higher rate of false positives. Therefore, you should choose a system according to your specific requirements.
While many in the security industry believe IPS is the way of the future and that IPS will take over from IDS, it is somewhat of an apples-and-oranges comparison. The two solutions are different in that one is a passive detection and monitoring system and the other is an active prevention system. The age-old debate of why you would want to be passive when you could be active comes into play. You can also weigh the implementation of the more mature IDS technology against the younger, less established IPS solutions. The drawbacks mentioned regarding IDS can largely be overcome with proper training, management, and implementation. Plus, overall, an IDS solution will be cheaper to implement. Many, however, look at the added benefits of the intuitive IPS systems and, believing that IPS is the next generation of IDS, choose to use the newer IPSs rather than IDSs. Adding to the muddle, of course, will be your initial decision between host-based and network-based systems for either IDS or IPS security solutions.
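The two trade-offs above (signature versus anomaly detection, and passive IDS versus active IPS enforcement) are easiest to see side by side on a small, constructed data set. The following example is added here and is not code from the original article or from any particular IDS product. It assumes a simplified record format of `(source_ip, destination_port, payload)`, a single hypothetical signature rule named `hypothetical-dir-traversal`, and a baseline window of normal traffic from which a requests-per-source mean and standard deviation are learned; all IP addresses and payloads are constructed.

```python
"""Signature-based vs anomaly-based detection, and passive (IDS) vs active (IPS)
enforcement, demonstrated on constructed sample traffic."""
import re
import statistics
from collections import Counter


def make_events(src, n, path="/index.html"):
    """Build n HTTP-like request records from one source (constructed data)."""
    return [(src, 80, f"GET {path} HTTP/1.1".encode()) for _ in range(n)]


# Baseline window: five hosts with ordinary request volumes (constructed).
BASELINE_EVENTS = (
    make_events("10.0.0.10", 8) + make_events("10.0.0.11", 10)
    + make_events("10.0.0.12", 12) + make_events("10.0.0.13", 9)
    + make_events("10.0.0.14", 11)
)

# Observation window (constructed): one ordinary host, one host sending a single
# request that matches the known-bad pattern, and one legitimately busy host
# (think of a backup job) that sends far more requests than the baseline.
OBSERVED_EVENTS = (
    make_events("10.0.0.1", 10)
    + make_events("10.0.0.2", 1, path="/images/../../config")
    + make_events("10.0.0.3", 60)
)

# Hypothetical signature: a request path containing a parent-directory step.
SIGNATURES = {
    "hypothetical-dir-traversal": re.compile(rb"(?:GET|POST) /\S*\.\./"),
}


def signature_detect(events):
    """Return [(src, rule_name)] for every event matching a known signature.
    Only traffic that matches a rule is reported, so benign traffic that merely
    looks unusual produces no alert."""
    hits = []
    for src, _port, payload in events:
        for name, pattern in SIGNATURES.items():
            if pattern.search(payload):
                hits.append((src, name))
    return hits


def build_baseline(events):
    """Learn mean and sample standard deviation of requests-per-source from a
    window assumed to contain only normal traffic."""
    counts = Counter(src for src, _port, _payload in events)
    values = list(counts.values())
    return statistics.mean(values), statistics.stdev(values)


def anomaly_detect(events, baseline, z_threshold=3.0):
    """Flag sources whose request count lies more than z_threshold standard
    deviations above the baseline mean. Nothing here knows what an attack looks
    like; it only knows what 'normal volume' looked like."""
    mean, stdev = baseline
    stdev = max(stdev, 1e-9)  # guard against a perfectly uniform baseline
    counts = Counter(src for src, _port, _payload in events)
    return sorted(src for src, n in counts.items() if (n - mean) / stdev > z_threshold)


def compare_detectors(baseline_events, observed_events):
    """Run both detectors over the same window and return their verdicts."""
    baseline = build_baseline(baseline_events)
    return {
        "signature_hits": signature_detect(observed_events),
        "anomaly_flags": anomaly_detect(observed_events, baseline),
    }


def enforce(events, alerted_sources, mode):
    """Passive 'ids' mode forwards every event and only records alerts; active
    'ips' mode drops all events from alerted sources. Returns
    (forwarded_events, dropped_count), which makes the cost of a false positive
    in active mode visible."""
    blocked = set(alerted_sources)
    if mode == "ids":
        return list(events), 0
    forwarded = [e for e in events if e[0] not in blocked]
    return forwarded, len(events) - len(forwarded)


if __name__ == "__main__":
    verdicts = compare_detectors(BASELINE_EVENTS, OBSERVED_EVENTS)
    print("signature hits:", verdicts["signature_hits"])
    print("anomaly flags: ", verdicts["anomaly_flags"])
    for mode in ("ids", "ips"):
        _, dropped = enforce(OBSERVED_EVENTS, verdicts["anomaly_flags"], mode)
        print(f"{mode} mode on anomaly flags: dropped {dropped} events")
```

On this data the signature detector reports only the single request from 10.0.0.2 and says nothing about 10.0.0.3, while the anomaly detector flags 10.0.0.3 (the busy but legitimate host) and misses 10.0.0.2, whose one request is well within normal volume. Feeding the anomaly verdict into `enforce` in `ips` mode drops all 60 of the legitimate host's requests, which is the concrete cost of pairing a high-false-positive detector with active prevention; in `ids` mode the same false positive costs an analyst's time but no traffic.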