When running a Web Agent, can wildcard * in AgentName be used in order
to map any host to the single configuration ? This is to achieve the
business requirement to add "automatically" protection of new domain
without having to add manually the new domain in the AgentName ACO.

At first glance, the AgentName ACO doesn't allow wildcards as * (1).

Reading the AgentName description further, the AgentName can map to IP
addresses like :

  Example: myagent1,192.168.0.0 (IPV4)
  Example: myagent2, 2001:DB8::/32 (IPV6)

As such, if the multiple domain names refer to the same IP address,
all domains with the same given IP Address will be protected.

Also, DefaultAgentName will be the default AgentName for any "not
found mapping" in AgentName. As such the unique value from
DefaultAgentName will be used.

So, may be a combination of AgentName mapping with unique IP Address
and a specific choice of the DefaultAgentName value might you help to
implement the requirement to add "automatically" protection of new
domain.

(1)

    AgentName

      Limits: Must contain 7-bit ASCII characters in the range of 32-127,
      and include one or more printable characters. Cannot contain the
      ampersand (&) and asterisk (*) characters

    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/web-agent-configuration/basic-agent-setup-and-policy-server-connections.html