I've found the default 10min bans hardly bother some attackers. So I've added the "recidive" feature of fail2ban. After the second 10min ban, the attacker is blocked for 1 week.
Oh definitely. My systems are set to "3 bans and you're out" - a recidive ban is permanent after three other bans. I have large parts of some subnets in my ban list as attackers just move from one host to another as they get banned.