Automatically ban IPs that attempt to login with the admin username

I ticked this option in Defender, but when i look at the audit logging, i can still see, for example, 70 failed login attempts from the same ip address using the username admin in the span of 2 days. What did I miss?

the ip address in question is