We have Cisco Firewall ASA 5585-SSP-20. Our all servers are behind the firewall. Could it be possible that only those clients only access the servers which are domain joined and do not give access to those whom are not domained joined.
If you integrate the firewall with an identity source this can be done with the use of the "identity firewall" features - essentially using user identity or AD group membership as part of an ACL.
Most of the documents are a bit dated and refer to AD agent or Context Directory Agent (CDA) as the identity source.
AD Agent and CDA are mostly deprecated and the current solution involves integration via Cisco Identity Services Engine (ISE) or the lightweight version of that ISE-PIC (ISE Passive Identity Collector):