As your application operates as a highly available, cross-region solution behind a global external HTTP(S) load balancer, you observe notable spikes in traffic originating from numerous IP addresses, without clarity on their intent. Given concerns regarding your application's availability, what action should you take to restrict traffic from these clients within a defined time frame?