In this environment you have to be aware of the so called “Security Theater” that has popped up here in these fora in the past, if you rely on an IDS it needs to actually detect those vectors, I am concerned that the current FreePBX “potted” fail2ban solution at this point in time is in fact “Theatrical” (i.e. not particularly effective), I am sure that many would love that I be proven wrong 