Hi jquadri,
I wonder if the requests are passing through multiple ASM-enabled virtual servers? Can you post some examples of the ASM cookie names. They should start with TS. I'd expect the cookie name for one web application should always be the same as it's a hash of the web application name. If the clients are accessing several subdomains on the same domain which all use ASM, maybe a solution would be to use an iRule to set the domain on the cookies to the fully qualified subdomain. This would ensure the client would only include the ASM cookie for the specific web application.
That said, F5 Support should be able to explain the logic for when ASM cookies are used--if not what the cookies contain (the latter being proprietary). If the high number of cookies is breaking your application and the product manager of ASM says the behavior you're seeing isn't expected, I think you have good grounds to push F5 to explain why you're seeing so many ASM cookies.
Aaron