@SteveITS thanks for the response. No, these boxes can't handle these failures yet (I read that the vendor may be working on it). They can block on repeated failed logins for actual accounts, but not for non-existing accounts. And it's not a server OS that we can install software on, so fail2ban (or better, crowdsec) is not an option. Thanks for the ideas, though!