We've used the CopSSH package to provide SSH and SFTP service on various Windows servers. Until now, we have not had a solution in place to block brute force attacks on the SSH server. We use the excellent fail2ban on our Linux systems, but we had not found a similar tool for Windows.
Yesterday we came across a solution to this problem:
It works very well on a Windows Server 2008 system where we've deployed it. The only thing it's lacking is a way to automatically remove banned IPs after a period of time. We'll post an addition to this tool if we implement this feature.