Your business should focus on what makes it special. Printers don’t make banks special so they should NOT make their own printers.
Anything except what makes your business special is a DISTRACTION, that especially means software. Buy anything that is even remotely like a printer.
Conversely if there is something that makes your business special, YOU must do it yourself. If that means self hosting some open source thing it ALSO means you need to become maintainers of that open source thing.
Own the things you need to be good at outsource EVERYTHING ELSE, no exceptions.
Here’s a really gray example to drive this home
Let’s say there’s some part of your business that needs to print invoices on paper that’s as thick as blue jeans. You look and look and look and no one sells printers that print on that kind of paper. You have two options, 1. Realize that it’s probably dumb that you are trying to print on paper that thick and change your business to deal with regular paper, or 2. Decide that that’s what makes your business special and start manufacturing printers.
It sounds like you just want email auth. Also known as passwordless login. Also known as magic link.
Fail2ban is a much more robust solution than automated up whitelisting. You are gonna have so many issues with that. What if someone opens your site from a coffee shop, or their isp changes their IP address with a router restart? You’d have to reauth that client. But then you’d also still be allowing the old ip.
I don’t think automated whitelisting is “a thing”. Mostly because an IP is not an identity so it’s woefully insufficient to authenticate people.
Also brute forcing should be handled by whatever handles auth by rate limiting auth requests by ip.