I currently have a Fortigate 100D firewall with the ability to use IPS and I also have Symantec Endpoint Protection 12.1 that also has IPS protection. Is it recommended to use a combination of IPS technologies or should you only use one? My infrastructure consists of one SBS 2011 server, a web server, a file server, and roughly 60-70 Windows 7 workstations. The workstations are all using the default SEP 12.1 Intrusion Protection policy, but the servers are not. I have not enabled IPS within the Fortigate 100D but I am debating on enabling it for added security. Would it be recommended to do so, or should I use the SEP 12.1 Intrusion Protection on the servers as well as the workstations and call it a day?
Any information is appreciated.