On my Big-IP 16.1.2 APM-VE, I enabled fatclient check policy that is checking for the follwoing client types:
Expression: Client type is Portal Client
OR Client type is Standalone Client
OR Client type is Standalone Client AND Client App ID is F5 Access Client
The fallback option goes to deny page. I want to block all scanning attempts and only legitimate attempts that are originating from Edge clients. However, after implementing this policy, I am showing multiple legit users getting blocked erroneously. when looked at the session ID, I don't see any cleint type in the received info. But, I see MacEdgeClient/xxxx in the user-agent string. The same user when he reattempts to connect, big-IP is picking up the client type as standalone and allowing it.
What should I do in this case to correctly match the user machines?