Logons to Application servers can be restricted by computer, by DNS domain, and by account. To grant or deny logons to specific computers, groups of computers, and domains, you can use the IIS Grant/Deny feature.
For individual accounts, when using Membership Authentication, the P&M Authentication Server automatically denies logons to accounts whose logon attempts fail repeatedly within a short period of time.