But the Dutch state instance isn’t meant to assert power over user content nor is it meant to influence any information shared. Normal people won’t be able to create an account on that instance, so they cannot see what people view or limit what people create.
The reason for the instance is to have a government owned instance to share things that aren’t limited by another 3rd party commercial company. Now the government is in control instead of meta or Twitter and they can’t decide to, for instance, limit view access for everyone with no accounts one day. (Looking at you Twitter)
Another additional advantage is that all the official dutch government accounts are now grouped on an instance with limited and screened account creation. So now everything from that instance is verified to be from the Dutch government. Possibly reducing fraud and impersonating accounts in the future once people get used to the federated usernames.
Honestly the default config is good enough to prevent brute force attacks on ssh. Just installing it and forgetting about it is a definite option.
I think the default block time is 10 minutes after 5 failed login attempts in 10 minutes. Not enough to ever be in your way but enough to fustrate any automated attacks. And it’s got default config for a ton of services by default. Check your /etc/fail2ban/jail.conf for an overview.
I see that a recidive filter that bans repeat offenders for a week after 10 fail2ban bans in one day is also default now. So I’d say that the results are perfect unless you have some exotic or own service you need fail2ban for.