I want to prevent password brute-force to our webmail server from Internet with Rate-Based Attack Prevention and there is just one webmail server internally. I would configure a rule under Control Simultaneous Connections, track by source with max connection 10, timeout 60 and action drop. what would be the value put into network field though if I want to track the connections coming from Internet? Can I use 0.0.0.0/0?