The standard SSH server does not come with any usable form of SSH brute force attack prevention, but with a few firewall rules it’s possible to implement something that works quite well. I have set up the rules on 2 machines with great success. To make sure that I dont get locked out accidentally though I added an extra rule before these to allow access from my trusted network. If you only have remote access to the machine, it may be a good idea to do the same.