Blocking IPs with IPSec

On UNIX-like operating systems we usually reach for iptables to block a range of IPs. Unbeknown to many Windows server admins, Windows Server also ships a wizard-based, iptables-like facility: IP Security (IPsec) policies.

1. Fire up the Microsoft Management Console and open secpol.msc:

2. Right-click “IP Security Policies on Local Computer” and click “Create IP Security Policy”.

3. Following the wizard, give your security policy a name, such as:

4. Click “Add”.

5. For most applications, select “This rule does not specify a tunnel”.

6. Click “Add”.

7. When presented with the IP Filter List dialog, give the list a descriptive name and click “Add”.

8. Depending on your needs, select one of these source address types:

9. To block a range of IP addresses, say 38.100.28.0 to 38.100.28.254, use CIDR notation: 38.100.28.0/24. To block a single IP, enter the full IP address.

10. You can select the protocol type to suit your needs:

11. Continue adding source/destination IP criteria to suit your needs:

12. Click “Add” for Filter Action.

13. Well you guessed it, Permit = ACCEPT, Block = DROP :-)

14. Continue adding filter actions.

15. Select the IP Filter List to enforce on this policy:

16. Once everything is completed, right-click your policy name and click “Assign”. This enforces the policy immediately.
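The same policy can be built from an elevated PowerShell prompt with the legacy `netsh ipsec static` context, which manages the same IP Security Policies that secpol.msc displays. The script below is an added example, not part of the original post; the policy, filter list, filter action and rule names are constructed for illustration, and the blocked range is the 38.100.28.0/24 network used in step 9.

```powershell
# Added example: the wizard steps above, driven through "netsh ipsec static".
# All names below are constructed for this example; adjust them to taste.
$Policy     = "Block Scanner Range"     # step 3: policy name
$FilterList = "Blocked Sources"         # step 7: IP filter list name
$Action     = "Block Traffic"           # steps 12-13: filter action (Block = DROP)
$Rule       = "Drop Blocked Sources"    # rule tying the list and the action together

# Range to block (step 9): 38.100.28.0/24 expressed as address plus subnet mask.
# A single host would be srcaddr=<ip> with srcmask=255.255.255.255.
$BlockedNet  = "38.100.28.0"
$BlockedMask = "255.255.255.0"

# Steps 2-3: create the policy. Rules added without tunnel parameters are
# transport-mode rules, i.e. "This rule does not specify a tunnel" (step 5).
netsh ipsec static add policy name="$Policy" description="Drop traffic from a known bad range"

# Steps 7-11: create the filter list and one filter in it. dstaddr=Me means
# this host; mirrored=yes matches both directions, like the wizard's default.
netsh ipsec static add filterlist name="$FilterList"
netsh ipsec static add filter filterlist="$FilterList" srcaddr=$BlockedNet srcmask=$BlockedMask dstaddr=Me protocol=ANY mirrored=yes

# Steps 12-13: the filter action. action=block is the DROP equivalent;
# action=permit would be ACCEPT.
netsh ipsec static add filteraction name="$Action" action=block

# Step 15: bind the filter list and filter action to the policy as a rule.
netsh ipsec static add rule name="$Rule" policy="$Policy" filterlist="$FilterList" filteraction="$Action"

# Step 16: assign the policy; it takes effect immediately.
netsh ipsec static set policy name="$Policy" assign=y

# Verify what is now active on this machine.
netsh ipsec static show policy name="$Policy" level=verbose
```

Two things to check before assigning: because the filter is mirrored it drops traffic in both directions, so make sure the range does not contain the address you administer the server from, and keep the rollback handy (`netsh ipsec static set policy name="Block Scanner Range" assign=n` unassigns the policy without deleting it).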
