Guide to Intrusion Detection and Prevention Systems (IDPS): Recommendations of the National Institute of Standards and Technology [open pdf - 1MB]
"This publication describes the characteristics of IDPS [intrusion detection and prevention systems] technologies and provides recommendations for designing, implementing, configuring, securing, monitoring, and maintaining them. The types of IDPS technologies are differentiated primarily by the types of events that they monitor and the ways in which they are deployed. This publication discusses the following four types of IDPS technologies: Network-based; wireless, Network Behavior Analysis (NBA); and Host-Based."
Special Publication 800-94
Computer Security Resource Center, NIST: http://csrc.nist.gov/