Some of my good OCS friends (Kjeld and Kenneth) pointed me to this great article from RUI Maximo on protecting your Edge/OCS from DoS.
In some company’s users will actually be looked out after 3-5 bad login attempts, and stay looked out until they are unlocked, in most company's they will reopen automatically after 5-15 min and then they will have 3-5 login attempts again.
But no matter if it’s 5 min or 30 min that users are looked out, it’s could give load on the helpdesk, and loss of productivity .
DoS attacks can be done from self made applications/scripts . I have not heard of customers that have had attack yet, but if you have customers that have concerns on this topic, please read Rui Maximo great article and maybe use the filter on your Edge server.