I have a requirment to allow email application traffic initialated from email clinets i.e outlook, boxer only and block all traffic initiated from web browsers. Please inform how we can accomplish this using ASM.
you are not giving away a lot of information, like clients coming from internal / external IP adress ranges, or type of mail server (Exchange, Zimbra,...). Therefore my recommendations cannot be very specific to your issue.
However, the solution for your issue doesn't require ASM. You can use iRules or Local Traffic Policy to block access to a specific URLs (HTTP::path) or to block access by source IP (IP::client_addr) or by User-Agent String ([HTTP::header "User-Agent"]).
Of coure you can also use ASM and either set a disallowed URL or an IP Address Exception (Always Block this IP).
A word of caution: Personally, I consider blocking by User-Agent string as rubbish. UA strings can easily be spoofed.
14-Mar-2023 00:17 - edited 14-Mar-2023 00:18
I agree that blocking User-Agent is useless but F5 Bot signatures also check header order and if there are missing HTTP headers and maybe this feature in the Bot profile "Browser Access(BIG-IP 15.x and later)" set to "Block" you can test https://my.f5.com/manage/s/article/K42323285