Your colleague noticed an increasing amount of suspicious traffic entering your project's virtual private cloud (VPC) while on call at night. Your colleague updated the configuration of Cloud Armor to stop the traffic that originates from certain IP addresses. The change reduced the network traffic, but there were escalations from an affected customer, which resulted in penalties for your company. Your team wants to use Google-recommended practices to prevent a recurrence. What should you do?