wacky_sung (not Mittens): Sounds like a lame argument.

Firstly, if your firewall logs packets which violate the policy, then it is a form of IDS in itself.

Secondly, IDS generally detect attacks which are much more subtle than firewall policy violations. For example, HTTP-based attacks on legitimate web applications, dodgy mail arriving via SMTP.

Also, IDS will correlate multiple packets to see scanning attempts, which a packet log will not give you (unless you look at it manually for hours).

IDS do not just log *actual* intrusions, but also attempted ones. In fact, attempted intrusions are far more common than successful ones.

IDS are also very important for forensics. For example, if one of your users is running programs they shouldn't, and the programs make outgoing attacks, your IDS will catch those so that you can inform the network admins on the receiving end.
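
Added example, not part of the original post: a sketch of the multi-packet correlation the post describes, which turns individual firewall drop entries into per-source scan alerts. The log format (epoch seconds plus iptables-style key=value fields), the sample lines, and the `window`/`threshold` values are constructed assumptions.

```python
import re
from collections import defaultdict, deque

# Constructed sample: epoch seconds plus iptables-style key=value fields.
SAMPLE_LOG = """\
1000 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=21
1001 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=22
1001 DROP SRC=198.51.100.4 DST=192.0.2.10 PROTO=TCP DPT=23
1002 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=23
1003 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=25
1004 DROP SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=80
1500 DROP SRC=198.51.100.4 DST=192.0.2.10 PROTO=TCP DPT=23
1600 DROP SRC=203.0.113.99 DST=192.0.2.11 PROTO=TCP DPT=445
1601 DROP SRC=203.0.113.99 DST=192.0.2.12 PROTO=TCP DPT=445
1602 DROP SRC=203.0.113.99 DST=192.0.2.13 PROTO=TCP DPT=445
1603 DROP SRC=203.0.113.99 DST=192.0.2.14 PROTO=TCP DPT=445
1604 DROP SRC=203.0.113.99 DST=192.0.2.15 PROTO=TCP DPT=445
"""

LINE_RE = re.compile(r"^(\d+) DROP SRC=(\S+) DST=(\S+) PROTO=\S+ DPT=(\d+)$")

def detect_scans(log_text, window=60, threshold=5):
    """Map each source that hit >= threshold distinct (host, port) targets
    within `window` seconds to a coarse label."""
    recent = defaultdict(deque)  # src -> deque of (ts, dst, dport), oldest first
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines not in the assumed format
        ts, src, dst, dport = int(m[1]), m[2], m[3], int(m[4])
        q = recent[src]
        q.append((ts, dst, dport))
        while q and q[0][0] < ts - window:  # expire entries outside the window
            q.popleft()
        targets = {(d, p) for _, d, p in q}
        if len(targets) >= threshold and src not in alerts:
            hosts = {d for d, _ in targets}
            # Simplification: one host, many ports = port scan; otherwise a sweep.
            alerts[src] = "port scan" if len(hosts) == 1 else "host sweep"
    return alerts

if __name__ == "__main__":
    for src, kind in detect_scans(SAMPLE_LOG).items():
        print(f"{src}: {kind}")
```

The source 198.51.100.4 appears twice in the log but never alerts, because its two drops are far apart and hit the same target; read line by line, its entries look no different from the scanner's.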