Is it exist some way to prevent force attack that focuses on Mobile access VPN / Remote access VPN? The client want to some way like PA IPS signature as
Name: Palo Alto Networks Firewall VPN Login Authentication Attempt
Description: This alert indicates that a user is trying to login to Palo Alto Network's firewall VPN or global protect service.
or other useful ways but not MFA. Because he thinks force attack is waste his appliance CPU / memory resources. They are suffering from Mobile access VPN / Remote access VPN force attack lasts for several days. MFA is useless for wasting appliance CPU / memory resources part.
Who can give me some advice?