If you're using the Virtual Appliance, and if you have a support contract then you could raise an RFE for this functionality.
Note that vTM already has a similar feature, if NAT is enabled then it adds these iptables rules:
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * ens4 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 ACCEPT all -- ens3 * 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/min burst 5 LOG flags 0 level 5 prefix "NAT forbidden: "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
If you're using the software version of vTM instead, then this doesn't manage iptables rules (except for the ip transparency rules), that's up to the admin, so you could have any iptables setup with that.
Pulse Secure vADC Support (Acquired by Ivanti)