Surprise! I know that many had expected the next update released for UAG to be SP1 Update2, but instead we are going straight to SP2. This update not only resolves a list of issues that some customers have called into Microsoft about, but also comes with some added support for newer mobile client devices, and has some significant changes to the way that UAG works with ADFS.

Download it here

Installation instructions

As with any update to the UAG or TMG platform, we recommend launching the installer from an elevated command prompt. This Service Pack also includes some considerations to be taken for the current status of your UAG and TMG versions. Before running the SP2 installer:

• Make sure UAG is running at least SP1 Update1
• Make sure TMG is running at least SP2

List of new features (http://support.microsoft.com/kb/2710791 for the whole list)

• Improved SharePoint 2010 support
  Forefront UAG 2010 SP2 lets users authenticate to a trunk by using Microsoft Office Forms-Based Authentication (MSOFBA) when the trunk uses Active Directory Federation Services (AD FS) 2.0 for authentication.
• Improved Active Directory Federation Services 2.0 support
  You can provide remote and partner employees with access to published applications that have AD FS 2.0 enabled. For example, you can do the following:
  • Use AD FS multi-namespace support: Multi-namespace support for AD FS 2.0 lets you use a single AD FS 2.0 server that has multiple Forefront UAG trunks when the fully qualified domain names (FQDNs or public host names) of the trunks are in different domains. For example, the FQDN of the first trunk is portal.contoso.com, and the FQDN of the second trunk is portal.fabrikam.com. Both trunks can be configured to perform AD FS authentication by using the same AD FS 2.0 server (sts.contoso.com). In this kind of deployment, the AD FS 2.0 server is published through one of the Forefront UAG trunks or by an AD FS proxy that is parallel to Forefront UAG.
  • Use the AD FS proxy to publish the AD FS 2.0 server: Publishing the AD FS 2.0 server by an AD FS proxy has many advantages over publishing the AD FS 2.0 server through Forefront UAG. These advantages include support for Office 365 authentication and mobile devices.
  • Enable complex topologies: You can use Forefront UAG to publish a SharePoint website that is located in one site when the AD FS server is located in another site.
• Added client devices
  Forefront UAG 2010 SP2 lets users connect from the following mobile devices:
  • Windows Phone 7.5
  • iOS 5.x on iPad and iPhone
  • Android 4.x on tablets and phones