There has been discussion about this in the forum and the general consensus is that Virtualmin with Fail2Ban (which is enabled and configured out of the box when Virtualmin is installed with default options) is as secure a system as one could hope to have.