What's new in Forefront UAG Service Pack 2

Application publishing

AD FS 2.0

In SP2 the relationship between how Forefront UAG uses Active Directory Federation Services (AD FS) 2.0 for authentication and how Forefront UAG publishes the AD FS 2.0 server has changed. With SP2, you can publish the AD FS server independently of the trunk authentication settings. This enables the following scenarios:

• AD FS multi-namespace support—Multi-namespace support with AD FS 2.0 allows you to use a single AD FS 2.0 server with multiple Forefront UAG trunks when the FQDNs (the public host names) of the trunks are in different domains.
  
  For example, the FQDN of the first trunk is portal.contoso.com and the FQDN of the second trunk is portal.fabrikam.com. Both trunks can be configured to perform AD FS authentication using the same AD FS 2.0 server: sts.contoso.com. In this type of deployment, the AD FS 2.0 server is published through one of the Forefront UAG trunks, or by an AD FS proxy that is parallel to Forefront UAG.
  
  
• Using the AD FS proxy to publish the AD FS 2.0 server—The AD FS proxy has many benefits compared to publishing the AD FS 2.0 server through Forefront UAG; including, support for Office365 authentication and mobile devices.
  
  
• Enabling complex topologies—For example, using Forefront UAG to publish a SharePoint website located in one site when the AD FS server is located in another site.
  
  

Client devices

Mobile

The number of mobile devices supported by Forefront UAG has been expanded and now includes the following devices which support Exchange ActiveSync and mobile web application browsing:

• Windows Phone 7.5
  
  
• iOS 5.x on iPad and iPhone
  
  
• Android 4.x on tablets and phones
  
  

For more information see System requirements for Forefront UAG client devices.