If this capability is activated, any clients that repeatedly fail in attempting authentication will be temporarily blocked for a period of time (10~1200 seconds, default is 30). Clients temporarily blocked by the Intrusion Prevention feature are not added to the Blocked Clients list on the Services & Profiles > Access Control page, Blocked Clients section.
For repeated authentication failure blocking feature, if ZD detects station authentication failures more than 5 times, there will be an event log entry. If it is more than 10 times and if the temp block is enabled, this station will be blocked for 30 seconds. After the block is lifted, the counter is reset. Auth failure includes failed shared key auth failure, 802.1x/WPA auth failures.