I did search quite a lot but I couldn't find a definite answer: I've enabled IDS + IPS and I'm still not sure whether or not I should also monitor the WAN port or just LAN...
By searching about the subject, I did find who was saying yes and others saying that it would make no sense as the firewall will drop bad packets anyway...
I was hoping to get a definite answer from any of the security experts of the forum...
Tia.
That depends on what you want to protect against.
1. Attacks from evil outsiders?
2. Constrain compromised clients/malware?
Following the logic that you may want to drop an unwanted packet the earliest possible it's both interfaces if you consider 1 and 2 valid scenarios.