If we have deployed Sand blaster at the gateway then why there is a need to enable IPS blade ? I want to know whether we need both or not ?
Sandblast and IPS look for different types of threats and it is recommended you deploy both.
IPS is looking at network traffic in general, preventing threats that can occur due to malicious use of known flaws.
For example, there are attacks specifically against the SMB protocol that made the news recently.
With updated signatures and Security Gateways in the proper locations, those sorts of attacks can be prevented.
This is, of course, just one of thousands of examples.
SandBlast is looking at Office and PDF files to see if they are malicious through emulation.
This is not something IPS is designed to handle.
Likewise, Sandblast isn't looking at things like the SMB protocol.
Very clear answer
IPS is looking for a wide variety of known network attacks of different kinds. Sandblast is looking for unknown (and of course also known) malware files. I would also add that Sandblast looks for many types of files in addition to Office and PDF. For instance, for Sandblast Threat Emulation exe, swf, jar, archives...
Retrieving data ...