There is no way for an external IDS appliance to detect attacks directly against the serial-interface of the router.
There is an IDS feature within the IOS Firewall images for some of Cisco's routers. You could try using the IOS Firewall images, and then setup the IDS feature to monitor all traffic directed to the IP Addresses of the router itself. (NOTE: the external IDS is already monitoring the packets getting through the router, so you only need the IOS IDS to monitor packets sent directly to the router.)
The IDS alarms in the IOS Firewall are fairly limited when compared to the external appliance. But it could be handy when the IOS IDS, and the external IDS are used in conjunction with one another.
As for prevention, the best option here is to setup a Pre-Shun ACL that the IDSM will always prepend to the ACL that it creates on the router.
You can use that Pre-Shun ACL to go ahead and permit any packets that need to get directly to the router ips, and then deny all other packets destined for the router ips. So you may only permit packets to your router ip from your service provider's router, and maybe packets from the routers from your other sites, and then deny every other ip from directly contacting your router. Packets destined for ips inside your network will still get through just fine (unless of course you also add some deny lines to prevent some of those packets as well.)
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :