We used to get this all the time. We ended up using IPSec to block all but the necessary ports to prevent the AD lockout issue. Essentially, that is what this attack is, to lock out your AD accounts. The result is that accounts get locked out and then in about 30 minutes or whatever your settings are, they come back. Problem is, admin and service accounts get nailed, too.

You can block this on the perimeter, to an extent, but the IPSec solution is the best and most effective.