One good thing about an IDS that I like. The fingerprinting so to speak of the perpertrator. If the firewall just logged the attack well you may have an IP. So what, we all know thats useless sometimes, depending on the size of the attack. The company may not want to persue it. Or it camr from outer Mongolia somewhere. However, the way they are going with the IDS, you can see what they are up to, what protocols and such. Where they traveresed the servers and blah, blah, blah. Point being with more detailed info inside "the frame". You may be able to shut a hole that some "boob" in say, accounting left open when he left his power user account logged in to the SQL server while updating the price list or something. I find this to be the most benificial offering that the IDS is headed for. May save a company many $ before something big hits.
My itty bitty $.02 worth...